Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer slow at times, occasionally locks up.


  • Please log in to reply

#1
KaleysLaptop

KaleysLaptop

    New Member

  • Member
  • Pip
  • 7 posts

Win 10 machine. Sometimes slow when booting up, Firefox occasionally freezes up and sometimes the whole O/S locks up too. At this time I cannot even run CCleaner.

Here are my .txt files from my OTL scan.

 

OTL Extras logfile created on: 12/18/2016 2:22:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\CJJones\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 71.58% Memory free
16.00 Gb Paging File | 13.77 Gb Available in Paging File | 86.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.47 Gb Total Space | 11.97 Gb Free Space | 8.06% Space Free | Partition Type: NTFS
 
Computer Name: CJJONES-PC | User Name: CJJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 94 84 A4 F9 A8 14 D2 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C7FDDF0-26DB-4644-B427-440B4F2089DC}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{14A3301E-0CF5-4756-9D61-BCC2444D7792}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1B8BF5FD-263A-41AA-BE88-0869A172B3D2}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{27054CD0-8CEA-418B-84A2-5738E3D85267}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{4695A8B9-1058-4AA9-8600-8CCDC0D9D89F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{83166C40-51B4-4825-8E77-A147018C54EC}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{97401F76-A79B-40B3-B19E-30D50D4D72F8}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E0543358-42C9-44BF-B3AE-755650AA4D71}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{F5F7D063-D8F8-43A5-9241-710FF6BD4E07}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002E1B53-9D4D-49B4-B681-BB0A2FD2872F}" = dir=out | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{03D436E3-02F6-498A-8767-BD898ADFC7F2}" = dir=out | name=@{microsoft.3dbuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{0435E6B1-67D1-4FE8-AE91-E5C7187FAAA9}" = dir=out | name=@{microsoft.bingnews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{043FD43F-C8A8-4258-B620-074DA8B7150A}" = dir=in | name=microsoft sticky notes |
"{04433AC6-56A6-4ECB-B47A-AEE55E85B6FB}" = dir=out | name=microsoft solitaire collection |
"{0545B675-0007-47A6-A265-6647D3418565}" = dir=out | name=@{microsoft.bingweather_4.16.15.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{05DCDD7A-74DC-48BA-8936-E7DD757AAA29}" = dir=out | name=@{microsoft.bingsports_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{05EB38FD-9D93-4BD2-BC6F-C8DAF06A4011}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{069BA2BD-3023-460B-B9C6-248F85808A86}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{0758C88F-44B1-4E4D-A24A-BF772DCCDFC1}" = dir=in | name=onenote |
"{084BCA92-A339-4BB6-B571-4F473D6C51EE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{08CC774B-3D70-4A94-AA55-891D9675A839}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{0950BBF0-05E2-46F4-ACAE-325AFAC0F0A2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{09C0EF74-F7CE-4F05-BA03-9A88668B0366}" = dir=out | name=xbox |
"{0A533B8A-09BE-44A2-AAE0-6B8F3661237C}" = dir=in | name=@{microsoft.zunemusic_3.6.23981.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{0A609207-E8F4-46E1-87E6-29828020B8CF}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{0A7E284A-5B39-40E9-B014-49CBF88F3DE7}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{0ADDF21C-87F7-41CF-A586-1262A9BCF505}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1608.2441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{0C2D297F-9FE8-49F1-B159-964F560AC7FD}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7167.40721.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{0E571B4D-801C-4A00-A2A5-81DE2A861312}" = dir=out | name=@{microsoft.windowsmaps_5.1608.2310.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{0F06239B-1A8E-4EE3-8235-A1050C6C6504}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{1066FD89-C27C-4170-A817-685BCDB2735E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10D6D2A8-4995-44DA-87AB-F93EFEDACDAD}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{113001B4-5B22-4415-8FD4-38E0D3CA3922}" = dir=in | name=@{microsoft.bingnews_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{11489737-5FB3-435D-9F8B-5A1D37C2B59A}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{128CAF1D-DAAC-4C8A-AE81-39CF15CFAB9F}" = dir=in | name=xbox |
"{12AF17A5-3C61-4FD8-8102-EFC80D1CE52E}" = dir=out | name=@{microsoft.getstarted_4.1.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{1472237F-49F4-44F6-A2D0-C5CD2CA36C9E}" = dir=out | name=store purchase app |
"{159A2353-123B-4A50-B17E-57D1861CD1CF}" = dir=out | name=candy crush soda saga |
"{176EC235-BDE2-40FA-9F74-9B768541048F}" = dir=in | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1A18DA82-6894-4A67-9747-F238A4D5E981}" = dir=out | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1A21B56C-4423-457E-8DE1-53370DCFDD0E}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.206_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{1A7C0454-890A-4547-AD28-AC9258A02F2E}" = dir=out | app=c:\program files\andy\setupfiles\uninstall.exe |
"{1AEA1431-31D2-48D8-9291-8E57D1B85710}" = dir=in | name=xbox |
"{1B94A5B5-FA12-45C5-8E55-F723671F9589}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{1C549946-F081-4612-AC9C-9842AAEF02A3}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1DF8CCDA-3BFA-44CC-9C36-C62EACBD6F07}" = protocol=58 | dir=out | [email protected],-503 |
"{1E6328F1-30DD-46DF-8BA3-0DACF8391896}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1E9D3A60-BE44-4866-9A84-5425C78AD3C3}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{20392B53-667E-4083-B6A0-8E8C7DF45BFD}" = dir=out | name=microsoft solitaire collection |
"{2187446C-E8A5-4E0C-B024-BC82DFA9FC96}" = dir=in | name=@{microsoft.bingsports_4.16.17.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{21B2EADA-0774-444C-BFA6-6C353F64ECEB}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{21EBDB22-E7D2-4030-9A02-63618F1F8E22}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{221BDB2C-407C-47C7-B7D5-EA4D1CBA8774}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{228E12CB-A490-4A1D-B6C2-0C47D40CC625}" = dir=out | name=@{microsoft.getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{22E1D300-73D3-4DAD-BBAA-587131B698FE}" = dir=in | name=@{microsoft.bingfinance_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{2572BD2C-37A6-4E48-B0EF-0075192663C6}" = dir=out | app=c:\program files\andy\andy.exe |
"{25F3C686-B5DC-4A57-BBCD-BC98C641484B}" = dir=in | app=c:\program files\andy\andyconsole.exe |
"{26943FDE-3A2C-466E-BD9A-861D1A44A4C2}" = dir=out | name=@{microsoft.microsoftofficehub_17.7420.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{2901B00B-BFCF-4928-83CF-0234090CD586}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7466.41167.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{29086DDC-2CB2-4EFF-88C0-58A707537A76}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{291E7DB6-4EF8-4425-A0EC-9EC1CB93F7E1}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{2981220D-AD57-4B64-A5B1-49E912F4F791}" = dir=in | name=@{microsoft.bingnews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{2B7015F3-5620-4C1E-A6ED-B1C3A321B112}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{2F3F1752-5C05-468C-B252-6CF3127B574D}" = dir=out | app=c:\program files\andy\handyandy.exe |
"{2FAE80A0-1FFC-4441-B01E-756CB7D047F0}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{310537D4-1385-4F38-BBE6-2ABF3592646C}" = dir=out | name=@{microsoft.bingfinance_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{31A6E663-61FF-4F21-A216-04DC64A413FB}" = dir=in | app=c:\program files\andy\setupfiles\uninstall.exe |
"{3211D113-C4F3-45B1-BA51-5B022DFB5C67}" = dir=in | name=@{microsoft.bingweather_4.16.15.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{324744F6-BFD8-4C8C-B787-13CDAF5B824B}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{3290DE31-8951-4141-88AD-7D17D5E29926}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{331232FD-B51F-46E5-B7B1-D8D1EA2CE794}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{33244004-E347-485E-8181-7DC16909BED9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{336C4761-033D-45CF-B98B-F609ADE13F8D}" = dir=in | name=@{microsoft.microsoftofficehub_17.7420.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{3478E875-6C66-43F4-A5D1-E7EA051EFF3C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3776B4D8-7DFF-456C-AC06-6674D561B889}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3779DF6F-587D-482E-8C17-383D0F9D9789}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{37A661BC-2D8D-4EB8-8C8E-DEE0FA5BD033}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{37FDA32D-07C0-4B80-A42E-90BFB9C11183}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{3910C667-F3C9-4AFC-AB20-222A7ACEDA07}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{397DD36F-250E-4C7C-B2F3-41EA379F9C20}" = dir=out | name=xbox |
"{397F3441-23EC-4CDF-866A-B2F89F2A2A7F}" = dir=out | name=microsoft solitaire collection |
"{3B2DB804-5998-4813-9F1F-B499387DD93F}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{3BB526CC-CA6E-434B-B9B9-04E1BDF9E5BA}" = dir=in | name=microsoft solitaire collection |
"{3BE6925F-3F4A-4F03-B162-F20A4DF9450A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe |
"{3C8E4A9A-DC83-4F00-8DE1-7A5FFE56FF38}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{3FC57C0A-6770-4B6F-B7C3-7368E17773EE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{3FCDC72F-AAB8-4C61-BC6B-7A0C83E0CA7F}" = dir=out | app=c:\program files\andy\andyconsole.exe |
"{4092E637-A48D-482F-9C7B-3507072593EF}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{4096D09F-1058-4CF9-9802-1756BE7EA626}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{4212FEF6-8B03-4227-8E00-8396AACCE65B}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{43853244-68F5-41BA-8F17-6B540CF43A70}" = dir=out | name=sway |
"{444B50DF-3D5E-48C7-80ED-44B991236B88}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{47900BD3-0D01-4DA9-B6F3-A537C8383805}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{47E702B8-385C-4906-8C83-B79DA1B74513}" = dir=out | name=twitter |
"{4AC8EE0A-B13A-407E-B9E9-38F82421101A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4B64D8F3-8D2C-4886-885E-F3421892F2F1}" = dir=out | name=windowsdvdplayer |
"{4B6A89E5-CB6E-4836-AE5F-C44B84E7A0F2}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{4B93D1EA-F3A9-4F5A-AE93-6B931036C3E0}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{4C2FE491-F931-4B55-B5C0-0D1C954EA5A4}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{4CCF58A5-DA36-4CD5-AD49-A64B5A193BE9}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{5111B049-2179-434C-8CE6-4195293C6BFF}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{52880E2C-6089-40B4-8933-E7BD1243268F}" = dir=out | name=sway |
"{5356D437-0F5E-4BE5-B8D9-49E417671504}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{54FDB286-5557-483B-B6F9-705399EB6F11}" = dir=in | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{56404909-719A-4DDF-9D0B-4B2A6C77199D}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{5783A451-54C1-4284-B14E-3B11A4D4EB6A}" = dir=out | name=@{microsoft.3dbuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{57BF833C-9C03-4E15-B64C-F0DBEB57370C}" = dir=out | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{5965BB5A-A042-4F14-B3CF-5E44FD0975B6}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{599E9B06-D9BD-4DEE-AD60-9778A6E7749D}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{5A220CB3-DEE8-4660-BE74-F39CF05A7427}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{5AB08E5C-3CCA-4B4F-B30B-9240BBA16C09}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{5B7712EE-8B99-4CA8-AB49-D4CC926AB26F}" = dir=in | name=@{microsoft.zunevideo_10.16092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5CDD5B28-BB52-4A0F-805E-B0D9A4D45C7B}" = dir=out | name=candy crush soda saga |
"{5D588398-2A54-49FC-A687-A3349D43F42E}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{5D65D0B0-4160-4179-8873-2E4CCCB7A50C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5E18F0D6-50B2-489F-B533-712FBAF38904}" = dir=out | name=@{microsoft.zunemusic_10.16092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5EB63AF3-6946-447F-9E90-33B66AC48AC6}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{5FA04A8F-8AEC-4442-9579-637A337FEFDE}" = dir=in | name=@{microsoft.bingweather_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{5FBA1188-90CC-441D-8391-DA217F47F429}" = dir=in | name=@{microsoft.bingnews_4.16.22.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{60A9A78D-D3DF-4BB1-AD15-E9434D1ED8E9}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{620CB7CC-91E0-44CF-9D89-265F1D5CA2EF}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{62C9F697-DB47-4811-822A-C47A342A41BE}" = dir=out | name=@{microsoft.people_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{64A7C609-A299-4401-83A4-035019B11332}" = dir=out | name=@{microsoft.bingnews_4.16.22.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{64C4F0A4-E7B0-45B6-9831-69BC60750BAC}" = dir=out | name=microsoft sticky notes |
"{65174FFC-A977-494B-A515-DF553F0C42C1}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{66331E9F-7241-4885-9371-FBFF902AEE4B}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{66B0F8E0-64C2-443F-938F-C0C958E9EC18}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{688483E1-0B69-4C21-A61D-639FA4835499}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{68A48885-054A-4B0D-8A67-FB837B73EFC8}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{6973DC9E-BE83-4380-BAA6-E5A2C6F33814}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{6C2DE921-BE19-411E-8651-2C15738BD967}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{6F3A6584-A2E3-4756-8BE4-1F8FE9B4514E}" = dir=out | name=@{microsoft.bingweather_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{6F983274-801F-4718-9EE8-625AA1FBABA6}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{70308D8D-66AC-4258-A80F-94162C8DB07F}" = protocol=58 | dir=in | app=system |
"{7085F5FE-CDA9-4EDE-8C59-34C641613BE3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{73CD3BFB-C57B-41C7-BE2F-E33519353517}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{74EC325B-1926-48C5-873B-EFEC6C20F6F7}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{770ED8AF-FABD-4EAD-A5EE-9B8BEBF8225C}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{79094AB3-8C07-4B9B-836A-6796A8568F35}" = dir=in | name=xbox |
"{7B02EFDE-1410-4BF7-9A60-DAEBF5D8092E}" = dir=in | app=c:\program files\andy\handyandy.exe |
"{7B0462C7-4C76-4A57-B3E0-BF654A01D380}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{7CAE1990-28B7-4F15-8567-2A3C11A4790D}" = dir=out | name=@{microsoft.people_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{7DEA4D3E-4F8A-45CE-A062-926BB2FD3FCD}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.206_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{7E7A2744-9118-4BA1-A7B5-22318B64DD99}" = dir=out | name=@{microsoft.bingnews_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{7ED54C49-35D3-447D-BDE8-04E7BB19A733}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{83CD5757-458F-411D-9ADB-71CA4A962723}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{84BFB973-248F-4001-99C6-1067B11239E6}" = dir=in | name=@{microsoft.microsoftofficehub_17.7319.23511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{86D03073-4E36-4704-9270-3ABA8EE7DA86}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{873182B8-588B-450A-A518-E960A2E4B1BC}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{87FE2FF5-2808-4C94-8756-D579E92A6EA8}" = dir=in | name=@{microsoft.bingsports_4.13.47.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{8A1D120B-A5BA-4E18-805D-C5F7E899DD5B}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{8A3F17A7-68F0-423C-AC73-D0009FD14147}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{8F92B94E-F7E5-4EAB-95F4-080C01288BA1}" = dir=in | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{9126CB37-86DB-421C-99B1-6C5D07068EBC}" = dir=out | name=tunein radio |
"{92377268-10F6-401A-B1A5-0D7410A46B69}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{9304A4E7-7F85-414D-8DF1-279AF8923894}" = dir=out | name=@{microsoft.windowsphone_10.1608.2211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{94E2651E-8FC9-463A-A0B3-E1B0F62E49DF}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{953B2151-2C89-4B1B-B10D-4EF99B2BB29D}" = dir=out | name=store purchase app |
"{95EA0555-5BBF-4E0B-AB65-729FD5E78703}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{96C7B444-6DD7-439A-8255-66BA35EE27E2}" = dir=out | name=@{microsoft.windowsstore_11610.1001.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{97939030-1522-4C29-9614-702FD891FD11}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{98DE9F58-63E5-43F0-B681-20EBBE7D95DA}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{98E15A6B-70C4-4DF6-94CF-1DAEF9A10081}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{99A8FD52-3B54-4F61-8667-E5472FC0F7DA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7466.41167.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{9A7335B1-C485-4737-A4B8-1C4BB1D3E8BE}" = dir=out | name=xbox |
"{9D0ECE7A-59DD-46BA-A5AC-EDD8A63721B4}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{9D7E8569-DDD8-43DD-B5E7-EC93165A41F6}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{9D9991C6-E550-42EB-BEFF-096C36576865}" = dir=in | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9DB370DC-668E-4E51-9919-2FF88010ADE4}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1608.2441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{9DB69D58-717D-480F-A538-E23F3FDB4804}" = dir=out | name=@{microsoft.skypeapp_11.9.251.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{9DD9FCB5-CC02-4390-8855-69CEB638F1BD}" = dir=out | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A06EC9C7-9A4D-4F88-B3F7-8744FF412C7C}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A150C28F-A0DE-4D67-BF70-9D6D57A39E2E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7167.40721.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{A4D87546-9383-4E5B-885F-AA1402DDAEF2}" = dir=in | name=onenote |
"{A8FC035B-831E-458B-A299-C640A9D3B860}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{AB602D49-2908-4F31-9E60-1B786B73F436}" = dir=in | name=@{microsoft.zunevideo_3.6.23941.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{ABD7D2F7-3FBD-43E1-9FB8-79D604E11DEC}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{ACEBA5BB-31AB-4A30-B1CB-163881A293A6}" = dir=in | app=c:\program files\andy\setupfiles\uninstall.exe |
"{ACFF5811-30F0-4E98-BA26-DFAF36332083}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{AF5DCBD6-EE83-4A25-8DEC-3F1D0A0A7CFC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B0E26074-EF11-4774-AC69-746B701E2A0A}" = dir=in | name=fox sports go |
"{B1E3862D-F7E5-4959-B98B-E59096BF407B}" = dir=out | name=@{microsoft.zunevideo_10.16092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B204FD3E-660E-403E-8DFD-99D8A36D953B}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{B2494B62-8309-4CD6-8A59-1D4E690A7033}" = dir=in | name=sway |
"{B30417EC-7D12-41EF-AE2A-E404E964C43A}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{B335F2C4-6022-4092-8358-6952D6BADA1D}" = dir=in | name=sway |
"{B3C036EC-436A-4F31-B405-3F11E7AF1700}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{B472FDB1-D3F3-4064-B5D0-FE6CF44972A5}" = dir=in | name=tunein radio |
"{B4E9C1A3-1D02-4F21-AD78-8BBEBE4E96C2}" = dir=out | app=c:\program files\andy\setupfiles\uninstall.exe |
"{B5B4E87E-3876-4952-B998-D863C9AE6757}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{B5EA5CFA-2972-45B9-89F9-F0FA0DE77B26}" = dir=out | name=@{microsoft.zunemusic_3.6.23981.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B681F687-3A95-4AA7-9037-F82BEF72BCA1}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{B71CCDCD-5BC4-4176-BAC1-CD95D925F912}" = dir=in | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B8D54402-9F25-4C58-9FA3-0C28523B9611}" = dir=out | name=@{microsoft.zunevideo_3.6.23941.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B9911EE1-73D7-4AF1-83BE-7A3A01427DF4}" = dir=out | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{BA65B4F7-FC5A-4104-A91A-C865BC23DC43}" = dir=out | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{BC675B20-F579-401C-B890-B096C6D248DA}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{BCC0702C-69DB-4D68-B896-22ABB5BEEDD3}" = dir=out | name=fox sports go |
"{BCEC27B5-5671-446C-AC3F-75EEB5F2B0AF}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BD4C697C-575F-48A9-B445-4B2C08DA0994}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{BDBDBD22-3ECC-4C73-B0C7-4BC58F95C4BE}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{BFADAA4B-C3A9-4426-9B86-995226F53422}" = dir=out | name=windowsdvdplayer |
"{C13AB35B-EAAA-4FCA-8658-3E8E04F7C064}" = dir=out | name=@{microsoft.getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C1DAE27E-F088-4C56-8D1E-B3B104A31552}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{C5DCA644-627F-4E01-ACCC-EF728E1A1C5C}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{C5F80580-6217-4236-9E9E-B9F1ACA5425E}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{C68EDCC8-3605-481D-B274-12E8A5F0887C}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{C6AA8D4D-73D2-4F65-8C45-8400EE1EC87C}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C79BF894-DEB4-4266-9AB0-A8E565453375}" = dir=in | app=c:\program files\andy\andy.exe |
"{CA00CFEB-DCED-418D-9349-F501AD5D1736}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{CAD40D5F-E335-46E0-92DE-F175E55A0C10}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{CCA5F684-8657-4489-8D2F-C2090FA18729}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{CD557EFF-4F43-4303-A78F-77F725FACFFE}" = dir=out | name=onenote |
"{CF20CE1E-386B-4AC5-96CA-2079346DCA98}" = dir=out | name=sway |
"{CF9D51D4-5132-44E3-8AE3-D631805CAE58}" = dir=out | name=microsoft sticky notes |
"{CFD57D9A-D106-43F0-B5D8-11A019EA51C1}" = dir=out | name=onenote |
"{D06328BD-D026-48E1-8E41-838FBF59AF84}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{D257F998-D94A-4CB4-9971-33C7FA4BBFE4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe |
"{D27BE113-86B3-4141-9CBD-9C7F85361ADA}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{D2A42A40-FFCD-47E3-9E24-7C23485B7CE6}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D2E52D8C-2103-4908-88A6-F619D57D50AE}" = dir=in | name=sway |
"{D3096EA5-1FC9-4E32-A56A-02750FFEBD23}" = dir=out | name=windows_ie_ac_001 |
"{D32AE6F2-5F39-4AAF-B85D-CE507C4F71F8}" = dir=in | name=microsoft solitaire collection |
"{D369A655-0D6F-4C48-982F-9369474BCA85}" = dir=out | name=@{microsoft.bingfinance_4.16.19.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{D3C5F251-2DBF-4DD2-9B59-117D342CD866}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{D693AD77-DCCD-49D7-BEEE-7A6DFF15D998}" = dir=out | name=@{microsoft.microsoftofficehub_17.7319.23511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{DA57A225-B176-452A-A2FC-09461FF509FD}" = dir=out | name=@{microsoft.windowsmaps_5.1609.2651.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{DADEFA19-7258-4BD2-BEC2-2119634E16F8}" = dir=in | name=onenote |
"{DB3F6A55-0687-45CC-825C-0F3D8BE58837}" = dir=in | name=microsoft sticky notes |
"{DC9BA224-437E-4E0C-BC1F-D9F8633F18BD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DD5698EE-2C96-4078-B91E-E15D64FCDBB4}" = dir=out | name=onenote |
"{DF0D5658-B542-48BC-A706-309EFBFFB9F7}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{E028915C-3E4D-4D6D-8082-5832F5E3B09D}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{E0768FD3-8779-4B1D-A098-41EDB252CF39}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E1A2811F-67B2-49FD-BE91-E3EE1E191746}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{E321E017-BC59-4281-8727-0A63D38243D3}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{E4CF90D4-6B63-480E-A4FF-F020FB3D3F3A}" = dir=in | name=@{microsoft.skypeapp_11.9.251.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{E52A4643-5801-4CA9-A617-955F68C5B37E}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{E748F7D3-BF3E-418D-A879-9C51A8374852}" = dir=out | name=twitter |
"{E763AD0A-7D54-4EF3-9A1E-04B0910DC1CD}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{E7A7EC33-2858-427A-9A6F-F1645AEDA2B7}" = dir=in | name=microsoft solitaire collection |
"{E8A39146-CC94-4A5B-94F2-0642727B17B5}" = dir=in | name=@{microsoft.windowsstore_11610.1001.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{EA2CC8B2-9AD9-44F0-A0CB-5B81549F0A68}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{EAD83221-3B06-4108-9151-0C9D426E1521}" = dir=out | name=windowsdvdplayer |
"{ECB2DC3F-E000-4942-92AB-FD1B6ECCAC46}" = dir=in | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F00E7FB5-C346-43D3-8833-65B88C5B5B9B}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{F58B2370-A4B2-4DD7-A299-4ED56CD3A740}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{F6A9CCED-D744-4464-A855-C267A74C0C5E}" = dir=out | name=@{microsoft.people_10.1.2850.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{F829FC24-FBFC-4028-8FC0-B4C1F8012905}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{F83FB1A1-B9E4-4410-B987-0BDBC208FCF8}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{F872FBB7-7472-4F56-A05E-2CDF8923BF73}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{FB2616FF-5495-49D8-9DC6-7338AD3DEF14}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{FB56FAFC-87B0-4E0D-83F7-98344C3CD33B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe |
"{FC299B5F-E184-440B-9E78-6CB4EB08849F}" = dir=in | name=@{microsoft.bingfinance_4.16.19.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{FDD506F6-0E7B-4D5B-905B-5A8961663EB9}" = dir=out | name=@{microsoft.bingsports_4.16.17.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{FF667A35-4F34-4164-897E-8A34D1BA70A5}" = dir=in | name=@{microsoft.zunemusic_10.16092.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"TCP Query User{74D6F441-8C0B-497D-B09C-794A1F734BF3}C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{CAC5F913-3DEE-4914-B75D-11F637A9BD1E}C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{073DEA4A-D715-48D5-86E5-BBDC13AC95F4}C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{6BB25D36-6F44-41F7-B5D2-33F2BE1E9D80}C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21E47F47-C9A7-4454-BA48-388327B0EA00}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{25E80DAA-FD87-DCE5-202C-CC02F6673002}" = Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{3D49031D-AEDF-4FC2-816F-CCE428CFA58A}" = AVG
"{4812D3B9-F8DE-40EF-888E-54B2FDF21A55}" = AVG 2016
"{50B62078-D231-46A3-BA7C-23DCFA0E6101}" = AVG Zen
"{537B7F85-2B95-44ED-8D90-765F6F36D666}" = VMware Player
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{9EA981E5-EE67-4662-86F1-58937D31FE07}" = Nitro Reader 3
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 342.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.11.4.125
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.11.4.125
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.11.4.125
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.41
"{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}" = FMW 1
"Andy OS" = Andy OS
"AVG" = AVG Protection
"AvgZen" = AVG
"CCleaner" = CCleaner
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13743594-F75E-491E-9EFF-203C8F8DF705}" = RealDownloader
"{26A24AE4-039D-4CA4-87B4-2F32180111F0}" = Java 8 Update 111
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.4.0.1
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8B6202FD-3790-4DD4-B343-51736F7FF4E5}" = Video Downloader
"{8D5E8DA1-0420-4A3B-9B29-8F3A00B32BDF}" = RealDownloader
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{923578AC-231E-4A7C-8AB8-A90C16B8A507}" = Facebook Games Arcade 0.11.2.4
"{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}" = vc2012_redist
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}" = Google Earth
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-0804-1033-1959-001824205020}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{f05bfa4b-0c78-4a3e-aa74-8c220b4a7782}" = RealDownloader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}" = VMware VIX
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"AVG Web TuneUp" = AVG Web TuneUp
"BlueStacks" = BlueStacks App Player
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"Mozilla Firefox 50.1.0 (x86 en-US)" = Mozilla Firefox 50.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"VLC media player" = VLC media player
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/18/2016 3:00:30 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 489
Description = taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file
operation will fail with error -1032 (0xfffffbf8).
 
Error - 12/18/2016 3:00:30 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 455
Description = taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error - 12/18/2016 3:00:40 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 489
Description = taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file
operation will fail with error -1032 (0xfffffbf8).
 
Error - 12/18/2016 3:00:40 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 455
Description = taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error - 12/18/2016 3:00:50 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 489
Description = taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file
operation will fail with error -1032 (0xfffffbf8).
 
Error - 12/18/2016 3:00:50 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 455
Description = taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error - 12/18/2016 3:01:00 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 489
Description = taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file
operation will fail with error -1032 (0xfffffbf8).
 
Error - 12/18/2016 3:01:00 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 455
Description = taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error - 12/18/2016 3:02:19 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 489
Description = taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file
operation will fail with error -1032 (0xfffffbf8).
 
Error - 12/18/2016 3:02:19 PM | Computer Name = CJJones-PC | Source = ESENT | ID = 455
Description = taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
[ System Events ]
Error - 12/17/2016 1:50:05 PM | Computer Name = CJJones-PC | Source = DCOM | ID = 10016
Description =
 
Error - 12/17/2016 1:50:44 PM | Computer Name = CJJones-PC | Source = DCOM | ID = 10016
Description =
 
Error - 12/18/2016 2:32:22 PM | Computer Name = CJJones-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:00:41 PM on ?12/?18/?2016 was unexpected.
 
Error - 12/18/2016 2:31:50 PM | Computer Name = CJJones-PC | Source = BTHUSB | ID = 327685
Description = The Bluetooth driver expected an HCI event with a certain size but
 did not receive it.
 
Error - 12/18/2016 2:32:35 PM | Computer Name = CJJones-PC | Source = Service Control Manager | ID = 7001
Description = The NetTcpActivator service depends on the NetTcpPortSharing service
 which failed to start because of the following error:   %%1058
 
Error - 12/18/2016 2:32:39 PM | Computer Name = CJJones-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 12/18/2016 2:33:28 PM | Computer Name = CJJones-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 12/18/2016 2:33:34 PM | Computer Name = CJJones-PC | Source = DCOM | ID = 10016
Description =
 
Error - 12/18/2016 2:33:36 PM | Computer Name = CJJones-PC | Source = DCOM | ID = 10016
Description =
 
Error - 12/18/2016 2:33:36 PM | Computer Name = CJJones-PC | Source = DCOM | ID = 10016
Description =
 
 
< End of report >
 

 

 

 

OTL logfile created on: 12/18/2016 2:22:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\CJJones\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
8.00 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 71.58% Memory free
16.00 Gb Paging File | 13.77 Gb Available in Paging File | 86.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.47 Gb Total Space | 11.97 Gb Free Space | 8.06% Space Free | Partition Type: NTFS
 
Computer Name: CJJONES-PC | User Name: CJJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2016/12/18 14:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CJJones\Downloads\OTL.exe
PRC - [2016/12/17 09:48:17 | 000,510,920 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/12/09 12:07:54 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/12/06 10:12:34 | 001,519,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
PRC - [2016/11/14 15:35:56 | 002,180,680 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
PRC - [2016/11/14 15:35:56 | 000,980,552 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
PRC - [2016/11/14 15:35:55 | 001,349,704 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
PRC - [2016/11/02 08:14:18 | 001,296,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgrsa.exe
PRC - [2016/11/02 08:14:04 | 001,186,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\Av\avgcsrva.exe
PRC - [2016/10/21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/10/18 13:42:25 | 002,397,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/10/18 13:42:18 | 001,879,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/07/21 15:29:22 | 000,425,496 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
PRC - [2016/07/11 13:46:34 | 000,483,992 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
PRC - [2016/07/05 17:18:36 | 000,714,992 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
PRC - [2016/06/14 21:21:33 | 001,095,440 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2016/06/14 21:21:30 | 000,293,768 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2016/05/13 14:13:26 | 000,032,544 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2016/04/14 17:17:40 | 000,392,896 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2016/04/14 17:17:22 | 000,358,080 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2016/04/14 16:54:08 | 000,097,864 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/12/09 12:07:50 | 001,244,376 | ---- | M] () -- C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
MOD - [2016/11/28 11:59:10 | 048,920,064 | ---- | M] () -- C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
MOD - [2016/11/14 15:35:56 | 002,180,680 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
MOD - [2016/10/18 13:42:25 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/07/05 17:18:40 | 000,077,552 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
MOD - [2016/07/05 17:18:36 | 000,714,992 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MOD - [2016/06/14 21:21:33 | 000,654,608 | ---- | M] () -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
MOD - [2016/05/13 13:20:10 | 001,382,048 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016/10/18 13:42:17 | 001,163,712 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/10/18 13:42:07 | 003,632,576 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/10/18 13:42:07 | 002,521,024 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/10/05 04:20:35 | 000,804,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2016/10/05 04:19:08 | 002,265,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2016/10/05 04:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2016/10/05 04:17:34 | 004,136,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2016/10/05 04:15:38 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2016/09/22 06:27:21 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2016/09/22 06:27:10 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2016/09/22 06:27:10 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2016/09/22 06:27:10 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016/09/22 06:27:07 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2016/09/22 06:27:07 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2016/09/22 06:27:04 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2016/09/22 06:27:03 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2016/09/22 06:19:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2016/09/22 06:19:21 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2016/09/15 12:29:55 | 000,823,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:64bit: - [2016/09/15 12:24:30 | 000,764,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2016/09/15 12:11:03 | 002,889,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV:64bit: - [2016/09/15 11:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2016/09/15 11:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2016/09/15 11:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2016/09/15 11:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2016/09/15 11:36:48 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2016/09/15 11:36:22 | 000,410,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2016/09/15 11:36:05 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2016/09/15 11:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2016/09/15 11:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2016/09/15 11:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2016/09/15 11:33:01 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2016/09/15 11:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2016/09/15 11:23:06 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2016/09/15 11:22:05 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2016/09/15 11:20:07 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2016/08/05 22:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2016/07/16 09:28:31 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:64bit: - [2016/07/16 09:28:13 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2016/07/16 06:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2016/07/16 06:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2016/07/16 06:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2016/07/16 06:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2016/07/16 06:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2016/07/16 06:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2016/07/16 06:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2016/07/16 06:42:39 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2016/07/16 06:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2016/07/16 06:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2016/07/16 06:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2016/07/16 06:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2016/07/16 06:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2016/07/16 06:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2016/07/16 06:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016/07/16 06:42:27 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2016/07/16 06:42:27 | 000,265,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016/07/16 06:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2016/07/16 06:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_d4210)
SRV:64bit: - [2016/07/16 06:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_d4210)
SRV:64bit: - [2016/07/16 06:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2016/07/16 06:42:22 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016/07/16 06:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2016/07/16 06:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2016/07/16 06:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2016/07/16 06:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2016/07/16 06:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2016/07/16 06:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016/07/16 06:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2016/07/16 06:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2016/07/16 06:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2016/07/16 06:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2016/07/16 06:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016/07/16 06:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2016/07/16 06:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2016/07/16 06:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2016/07/16 06:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2016/07/16 06:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016/07/16 06:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016/07/16 06:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2016/07/16 06:42:05 | 002,104,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2016/07/16 06:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2016/07/16 06:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016/07/16 06:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2016/07/16 06:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2016/07/16 06:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2016/07/16 06:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2013/07/26 06:48:28 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV - [2016/12/17 09:48:17 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/12/13 22:33:15 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/12/06 10:12:36 | 001,146,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe -- (avgsvc)
SRV - [2016/11/14 15:35:56 | 000,980,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport)
SRV - [2016/11/14 15:35:55 | 001,349,704 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe -- (vToolbarUpdater40.3.6)
SRV - [2016/11/02 08:20:22 | 005,337,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgidsagenta.exe -- (AVGIDSAgent)
SRV - [2016/11/02 08:12:10 | 000,727,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\Av\avgwdsvca.exe -- (avgwd)
SRV - [2016/11/02 08:09:14 | 000,647,864 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\Av\avgamps.exe -- (AvgAMPS)
SRV - [2016/10/21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/10/18 13:42:18 | 001,879,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/10/05 04:09:49 | 003,369,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/09/22 06:19:36 | 000,507,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2016/09/22 06:19:36 | 000,507,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2016/09/22 06:19:27 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2016/09/22 06:19:24 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2016/09/15 11:56:09 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/09/15 11:16:15 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/08/05 22:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/07/21 15:29:22 | 000,425,496 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2016/07/21 15:28:34 | 000,445,976 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluestacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2016/07/21 15:26:17 | 000,462,360 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe -- (BstHdPlusAndroidSvc)
SRV - [2016/07/16 06:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 06:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/06/14 21:21:33 | 001,095,440 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealTimes Desktop Service)
SRV - [2016/05/13 14:13:26 | 000,032,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2016/04/14 17:17:40 | 000,392,896 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2016/04/14 17:17:22 | 000,358,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2016/04/14 16:54:08 | 000,097,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2016/03/10 08:03:16 | 000,907,968 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016/10/19 14:13:48 | 000,267,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2016/10/18 13:42:06 | 000,027,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/10/17 17:19:16 | 000,312,576 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2016/10/05 15:01:16 | 000,267,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2016/10/05 05:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016/10/05 05:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2016/09/26 17:19:22 | 000,254,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2016/09/22 06:27:22 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2016/09/22 06:27:10 | 000,062,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2016/09/22 06:27:04 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2016/09/22 06:27:03 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2016/09/22 06:27:03 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016/09/22 06:19:35 | 000,175,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2016/09/22 06:18:13 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2016/09/15 12:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2016/09/15 12:29:52 | 000,127,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:64bit: - [2016/09/15 12:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2016/09/15 12:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2016/09/15 12:15:20 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2016/09/15 12:15:03 | 000,218,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2016/09/15 12:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2016/09/15 11:41:54 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2016/09/15 11:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2016/08/04 05:52:42 | 000,313,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2016/08/03 23:20:14 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/07/16 09:29:02 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2016/07/16 09:28:44 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:64bit: - [2016/07/16 09:28:31 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:64bit: - [2016/07/16 09:28:14 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2016/07/16 09:28:02 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2016/07/16 09:27:56 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:64bit: - [2016/07/16 09:27:56 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:64bit: - [2016/07/16 06:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2016/07/16 06:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2016/07/16 06:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2016/07/16 06:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2016/07/16 06:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2016/07/16 06:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2016/07/16 06:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2016/07/16 06:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2016/07/16 06:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2016/07/16 06:42:35 | 000,376,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2016/07/16 06:42:35 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2016/07/16 06:42:35 | 000,045,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2016/07/16 06:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2016/07/16 06:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2016/07/16 06:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016/07/16 06:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2016/07/16 06:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2016/07/16 06:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2016/07/16 06:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2016/07/16 06:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2016/07/16 06:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2016/07/16 06:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2016/07/16 06:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2016/07/16 06:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2016/07/16 06:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2016/07/16 06:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2016/07/16 06:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2016/07/16 06:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2016/07/16 06:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2016/07/16 06:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2016/07/16 06:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2016/07/16 06:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2016/07/16 06:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2016/07/16 06:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2016/07/16 06:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:64bit: - [2016/07/16 06:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2016/07/16 06:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2016/07/16 06:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2016/07/16 06:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2016/07/16 06:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2016/07/16 06:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2016/07/16 06:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2016/07/16 06:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2016/07/16 06:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016/07/16 06:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016/07/16 06:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2016/07/16 06:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2016/07/16 06:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016/07/16 06:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2016/07/16 06:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2016/07/16 06:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2016/07/16 06:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2016/07/16 06:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2016/07/16 06:41:54 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2016/07/16 06:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2016/07/16 06:41:54 | 000,081,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2016/07/16 06:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2016/07/16 06:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2016/07/16 06:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2016/07/16 06:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2016/07/16 06:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2016/07/16 06:41:54 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthHfAud.sys -- (BthHFAud)
DRV:64bit: - [2016/07/16 06:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2016/07/16 06:41:54 | 000,033,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2016/07/16 06:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2016/07/16 06:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2016/07/16 06:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2016/07/16 06:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2016/07/16 06:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2016/07/16 06:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2016/07/16 06:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2016/07/16 06:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2016/07/16 06:41:53 | 000,344,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2016/07/16 06:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2016/07/16 06:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2016/07/16 06:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:64bit: - [2016/07/16 06:41:53 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016/07/16 06:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2016/07/16 06:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2016/07/16 06:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2016/07/16 06:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2016/07/16 06:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2016/07/16 06:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2016/07/16 06:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2016/07/16 06:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2016/07/16 06:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2016/07/16 06:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2016/07/16 06:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2016/07/16 06:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2016/07/16 06:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2016/07/16 06:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2016/07/16 06:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2016/07/16 06:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2016/07/16 06:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2016/07/16 06:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2016/07/16 06:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2016/07/16 06:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2016/07/16 06:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2016/07/16 06:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2016/07/16 06:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2016/07/16 06:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2016/07/16 06:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2016/07/16 06:41:53 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2016/07/16 06:41:53 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2016/07/16 06:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2016/07/16 06:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2016/07/16 06:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2016/07/16 06:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2016/07/16 06:41:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2016/07/16 06:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2016/07/16 06:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2016/07/16 06:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2016/07/16 06:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2016/07/16 06:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2016/07/16 06:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2016/07/16 06:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2016/07/16 06:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2016/07/16 06:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2016/07/16 06:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2016/06/20 14:22:20 | 000,077,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avguniva.sys -- (Avguniva)
DRV:64bit: - [2016/06/01 12:16:40 | 000,052,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2016/05/13 06:52:10 | 000,163,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2016/04/24 23:35:58 | 000,221,824 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2016/04/24 23:35:52 | 000,129,152 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2016/04/14 17:17:44 | 000,066,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2016/04/14 16:53:42 | 000,026,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2016/04/14 16:53:32 | 000,048,832 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2016/04/14 16:53:32 | 000,028,864 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2016/03/10 08:03:16 | 000,057,536 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2016/02/16 15:05:56 | 000,360,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2016/01/07 15:03:54 | 000,021,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2015/11/05 18:25:42 | 000,090,816 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2015/11/05 18:25:42 | 000,075,512 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013/11/20 10:43:50 | 002,702,336 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athuwbx.sys -- (athur)
DRV:64bit: - [2011/07/22 10:33:48 | 000,025,056 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2016/07/21 15:29:04 | 000,152,672 | ---- | M] (BlueStack Systems) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2016/07/21 01:16:12 | 000,270,904 | ---- | M] (Bluestack System Inc. ) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Bluestacks\BstkDrv.sys -- (BstkDrv)
DRV - [2016/07/16 06:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg...fr&d=2016-11-1420:36:02&v=4.3.6.255&pid=wtu&sg=&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 F9 FC 78 A1 11 D1 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 8A B9 0D F8 FB A0 D1 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg...fr&d=2016-11-1420:36:02&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Amazon.com,DuckDuckGo,eBay,Twitter,Wikipedia (en)"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=18.1.4.135: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=18.1.4.135: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2015/10/28 19:49:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CJJones\AppData\Roaming\Mozilla\Extensions
[2016/11/14 15:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\extensions
[2016/11/14 15:35:54 | 000,181,610 | ---- | M] () (No name found) -- C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\extensions\[email protected]
[2016/08/19 21:21:57 | 000,328,479 | ---- | M] () (No name found) -- C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/11/14 15:36:17 | 000,014,316 | ---- | M] () -- C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\searchplugins\avg-secure-search.xml
[2016/12/17 09:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmodppofjbaoggbchnngcaljngfffloj\1.2.33_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpheinlpjdffpdakjegbcphdfeekpnn\1.0_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll (AVG)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll (AVG)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe ()
O4 - HKCU..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [OneDrive] C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\CJJones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Games Arcade (BETA).lnk = C:\Users\CJJones\AppData\Local\Facebook\Games\FacebookGames.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32c1b25b-27e5-40d0-a516-b4cb730fbec8}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/12/15 01:29:57 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2016/12/15 01:29:54 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
[2016/12/15 01:15:23 | 000,000,000 | ---D | C] -- C:\Users\CJJones\Desktop\Logo
[2016/12/12 19:23:15 | 000,000,000 | ---D | C] -- C:\Users\CJJones\Desktop\Leigha Gishwes buttoms
[2016/12/09 15:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2016/12/09 00:27:19 | 000,000,000 | ---D | C] -- C:\Users\CJJones\AppData\Local\CrashDumps
[2016/12/07 11:27:05 | 000,066,752 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\SysNative\drivers\vmx86.sys
[2016/12/07 11:25:29 | 000,057,536 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\SysNative\drivers\hcmon.sys
[2015/09/06 02:10:27 | 019,648,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MediaCreationToolx64.exe
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\Users\CJJones\Documents\*.tmp files -> C:\Users\CJJones\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2016/12/18 13:34:19 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/12/18 13:33:39 | 000,062,200 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161218133239
[2016/12/18 13:32:18 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/12/18 13:32:17 | 2146,820,095 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/18 11:36:47 | 000,049,159 | ---- | M] () -- C:\Users\CJJones\Desktop\pl.jpg
[2016/12/17 21:10:19 | 000,031,014 | ---- | M] () -- C:\Users\CJJones\Desktop\momcancook.jpg
[2016/12/17 19:50:28 | 000,093,431 | ---- | M] () -- C:\Users\CJJones\Desktop\aux waterpump durango.jpg
[2016/12/17 14:40:10 | 001,541,585 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161217143936
[2016/12/17 14:40:10 | 000,337,105 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161217094108
[2016/12/17 13:30:03 | 000,093,098 | ---- | M] () -- C:\Users\CJJones\Desktop\[bleep].png
[2016/12/17 09:47:46 | 001,802,040 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/12/17 09:47:46 | 000,472,364 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/12/17 09:47:46 | 000,007,162 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/12/17 09:35:56 | 000,004,516 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161217093459
[2016/12/17 09:35:55 | 000,003,394 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161216144657
[2016/12/16 14:09:51 | 000,125,444 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161215125945
[2016/12/16 14:09:51 | 000,033,906 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161216140852
[2016/12/15 12:59:37 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/12/15 01:34:07 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/12/15 01:30:10 | 000,023,424 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/12/15 01:30:10 | 000,021,556 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/12/14 23:16:01 | 000,067,046 | ---- | M] () -- C:\Users\CJJones\Desktop\subtextbutton1.png
[2016/12/14 18:07:43 | 001,629,948 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161213180705
[2016/12/14 18:07:43 | 001,236,794 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161214180705
[2016/12/13 18:07:42 | 000,337,035 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161213130842
[2016/12/13 17:33:48 | 000,104,497 | ---- | M] () -- C:\Users\CJJones\Desktop\subtextbutton.png
[2016/12/13 12:33:53 | 000,095,614 | ---- | M] () -- C:\Users\CJJones\Desktop\loin.jpg
[2016/12/12 23:23:46 | 001,628,109 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211232331
[2016/12/12 23:23:46 | 000,930,467 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161212232331
[2016/12/11 23:23:39 | 000,336,970 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161211182439
[2016/12/10 11:19:14 | 001,575,160 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210111841
[2016/12/10 11:19:14 | 000,336,887 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161210062014
[2016/12/09 15:59:06 | 000,072,841 | ---- | M] () -- C:\Users\CJJones\Desktop\Sites-hottopic-Site.pdf
[2016/12/08 22:12:10 | 001,413,936 | ---- | M] () -- C:\WINDOWS\SysWow64\rsslogs.20161208221137
[2016/12/07 20:02:24 | 000,000,138 | ---- | M] () -- C:\Users\CJJones\Desktop\Dec Clan Wars.url
[2016/12/07 11:16:51 | 000,019,977 | ---- | M] () -- C:\Users\CJJones\Desktop\slayerpit.jpg
[2016/11/28 12:01:05 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk
[2016/11/27 18:01:46 | 001,176,064 | ---- | M] () -- C:\Users\CJJones\Desktop\goattongue.gif
[2016/11/27 11:18:46 | 000,064,763 | ---- | M] () -- C:\Users\CJJones\Desktop\brownieing.jpg
[2016/11/27 11:01:30 | 000,110,098 | ---- | M] () -- C:\Users\CJJones\Desktop\Turkey ribs.jpg
[2016/11/27 11:01:16 | 000,085,826 | ---- | M] () -- C:\Users\CJJones\Desktop\TurkeyDF.jpg
[2016/11/27 10:58:19 | 000,070,339 | ---- | M] () -- C:\Users\CJJones\Desktop\Turkey2hrs.jpg
[2016/11/25 22:36:07 | 000,055,189 | ---- | M] () -- C:\Users\CJJones\Documents\Hot Topic Checkout Confirmation.pdf
[2016/11/25 21:54:22 | 000,037,565 | ---- | M] () -- C:\Users\CJJones\Documents\WWE Shop reciept Confirmation Checkout page.pdf
[2016/11/24 00:03:22 | 000,070,339 | ---- | M] () -- C:\Users\CJJones\Desktop\2hr turkeys.jpg
[2016/11/23 19:38:46 | 000,137,676 | ---- | M] () -- C:\Users\CJJones\Documents\Open Burn Pit Registry.pdf
[2016/11/22 16:28:53 | 000,055,023 | ---- | M] () -- C:\Users\CJJones\Desktop\nopetrain.jpg
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\Users\CJJones\Documents\*.tmp files -> C:\Users\CJJones\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2016/12/18 13:33:39 | 000,058,805 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161218133239
[2016/12/18 11:36:46 | 000,049,159 | ---- | C] () -- C:\Users\CJJones\Desktop\pl.jpg
[2016/12/17 21:10:18 | 000,031,014 | ---- | C] () -- C:\Users\CJJones\Desktop\momcancook.jpg
[2016/12/17 19:50:27 | 000,093,431 | ---- | C] () -- C:\Users\CJJones\Desktop\aux waterpump durango.jpg
[2016/12/17 14:40:10 | 001,541,585 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161217143936
[2016/12/17 13:28:14 | 000,093,098 | ---- | C] () -- C:\Users\CJJones\Desktop\[bleep].png
[2016/12/17 09:42:09 | 000,337,105 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161217094108
[2016/12/17 09:35:56 | 000,004,516 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161217093459
[2016/12/16 14:47:57 | 000,003,394 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161216144657
[2016/12/16 14:09:51 | 000,033,906 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161216140852
[2016/12/15 13:00:45 | 000,125,444 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161215125945
[2016/12/14 18:07:43 | 001,236,794 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161214180705
[2016/12/13 19:07:38 | 000,067,046 | ---- | C] () -- C:\Users\CJJones\Desktop\subtextbutton1.png
[2016/12/13 18:07:42 | 001,629,948 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161213180705
[2016/12/13 17:33:47 | 000,104,497 | ---- | C] () -- C:\Users\CJJones\Desktop\subtextbutton.png
[2016/12/13 13:09:42 | 000,337,035 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161213130842
[2016/12/13 12:33:52 | 000,095,614 | ---- | C] () -- C:\Users\CJJones\Desktop\loin.jpg
[2016/12/12 23:23:46 | 000,930,467 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161212232331
[2016/12/11 23:23:39 | 001,628,109 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211232331
[2016/12/11 18:25:39 | 000,336,970 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161211182439
[2016/12/10 11:19:14 | 001,575,160 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210111841
[2016/12/10 06:21:14 | 000,336,887 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161210062014
[2016/12/09 15:58:59 | 000,072,841 | ---- | C] () -- C:\Users\CJJones\Desktop\Sites-hottopic-Site.pdf
[2016/12/08 22:12:10 | 001,413,936 | ---- | C] () -- C:\WINDOWS\SysWow64\rsslogs.20161208221137
[2016/12/07 20:02:15 | 000,000,138 | ---- | C] () -- C:\Users\CJJones\Desktop\Dec Clan Wars.url
[2016/12/07 11:16:50 | 000,019,977 | ---- | C] () -- C:\Users\CJJones\Desktop\slayerpit.jpg
[2016/11/28 12:01:05 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\AVG.lnk
[2016/11/27 18:01:46 | 001,176,064 | ---- | C] () -- C:\Users\CJJones\Desktop\goattongue.gif
[2016/11/27 11:18:46 | 000,064,763 | ---- | C] () -- C:\Users\CJJones\Desktop\brownieing.jpg
[2016/11/27 11:01:29 | 000,110,098 | ---- | C] () -- C:\Users\CJJones\Desktop\Turkey ribs.jpg
[2016/11/27 11:01:15 | 000,085,826 | ---- | C] () -- C:\Users\CJJones\Desktop\TurkeyDF.jpg
[2016/11/27 10:58:18 | 000,070,339 | ---- | C] () -- C:\Users\CJJones\Desktop\Turkey2hrs.jpg
[2016/11/25 22:36:04 | 000,055,189 | ---- | C] () -- C:\Users\CJJones\Documents\Hot Topic Checkout Confirmation.pdf
[2016/11/25 21:54:17 | 000,037,565 | ---- | C] () -- C:\Users\CJJones\Documents\WWE Shop reciept Confirmation Checkout page.pdf
[2016/11/24 00:03:21 | 000,070,339 | ---- | C] () -- C:\Users\CJJones\Desktop\2hr turkeys.jpg
[2016/11/23 19:38:46 | 000,137,676 | ---- | C] () -- C:\Users\CJJones\Documents\Open Burn Pit Registry.pdf
[2016/11/22 16:28:52 | 000,055,023 | ---- | C] () -- C:\Users\CJJones\Desktop\nopetrain.jpg
[2016/11/20 20:06:01 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/09/29 19:43:50 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/09/29 19:43:08 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/09/22 02:41:00 | 000,968,848 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/09/22 02:36:24 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/09/22 02:35:15 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/07/16 06:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 06:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 06:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 06:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 06:42:56 | 000,185,368 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2016/07/16 06:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 06:42:55 | 000,038,400 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2016/07/16 06:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 06:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 06:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 06:42:46 | 000,109,056 | ---- | C] () -- C:\WINDOWS\SysWow64\chartv.dll
[2016/07/16 06:42:46 | 000,031,232 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2016/07/16 06:42:45 | 000,336,896 | ---- | C] () -- C:\WINDOWS\SysWow64\msinfo32.exe
[2016/07/16 06:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 06:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/05/04 19:53:19 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/12/01 00:17:37 | 000,000,424 | ---- | C] () -- C:\Users\CJJones\AppData\Local\UserProducts.xml
[2015/09/06 10:35:35 | 000,014,172 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCoInst.dat
[2015/09/06 01:54:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\srvany.exe
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/09/15 12:16:13 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/09/15 12:22:40 | 005,722,320 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 06:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 06:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 06:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2016/02/18 20:17:49 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\.minecraft
[2016/09/01 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Andy
[2015/10/28 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\AVG
[2016/03/11 17:08:37 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Canon
[2015/11/10 14:17:16 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Downloaded Installations
[2016/04/19 18:43:30 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\FileOpen
[2016/02/18 18:40:53 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\java
[2016/04/23 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\MPEG Streamclip
[2016/04/19 18:43:30 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Nitro
[2016/12/12 07:41:45 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Nitro PDF
[2016/05/02 14:27:48 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\Oracle
[2016/07/20 18:10:34 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\pokemon-go-map
[2015/10/28 19:56:36 | 000,000,000 | ---D | M] -- C:\Users\CJJones\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 168 bytes -> C:\Users\CJJones\Desktop\Grocery - SPAGHETTI.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\CJJones\Desktop\Grocery - Angel Hair pasta.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 168 bytes -> C:\Users\CJJones\Desktop\B001IHOMT8 BMP.bmp:3or4kl4x13tuuug3Byamue2s4b

< End of report >
 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
We don't use OTL these days:

 
[*]Get FRST from
You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
 
[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
[*]Check the Addition.txt box
[*]Press Scan button. 
[*]It will produce a log called FRST.txt in the same directory the tool is run from.  
[*]Please copy and paste log back here. 
[*]It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
[/LIST]
 
 
Doesn't look like malware tho.
Copy the next line:

for  /F  "tokens=*"  %1 in  ('wevtutil.exe el')  DO  wevtutil.exe  cl  "%1"

Open an elevated command prompt:  If you don't now how then see the link:
 
 

If you open an elevated command prompt it will by default open in c:\Windows\system32
 
Once you have an elevated command prompt:
 
Right click and Paste (or Edit then Paste) and the copied line should appear:
Hit Enter.  You may get a few errors but that's OK.
 

Copy the next line:

 DISM  /Online  /Cleanup-Image  /RestoreHealth
 
Move to the elevated command prompt:
 
Right click and Paste (or Edit then Paste) and the copied line should appear:
Hit Enter.  
 
This will take 10-15 minutes to complete.

 Once the prompt returns:

 
Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 

sfc  /scannow
 
 
 
This will also take a few minutes.  
 
 
 
Now Copy:
 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
Move to the Elevated Command Prompt and right click and Paste and the line should appear.
 
Hit Enter.  Then type::
 
 

notepad  \junk.txt 
 
Hit Enter. 
 
 Copy the text from notepad and paste it into a reply.
 
 
Reboot
 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 

Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 

TASKLIST /SVC  > \junk.txt

notepad \junk.txt
 
Open an Elevated Command Prompt:
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
 

  • 0

#3
KaleysLaptop

KaleysLaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

I believe I got all this per your instructions.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by CJJones (administrator) on CJJONES-PC (19-12-2016 13:27:20)
Running from C:\Users\CJJones\Downloads
Loaded Profiles: Admin & CJJones & Tyler (Available Profiles: Admin & CJJones & Tyler & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407280 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [293768 2016-06-14] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-11-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1474751279-1854839113-270172752-1000\...\RunOnce: [Uninstall C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1474751279-1854839113-270172752-1000\...\RunOnce: [Uninstall C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1474751279-1854839113-270172752-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-09-30]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2016-06-18]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe (Andy OS, inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-06-14]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\CJJones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Games Arcade (BETA).lnk [2016-09-24]
ShortcutTarget: Facebook Games Arcade (BETA).lnk -> C:\Users\CJJones\AppData\Local\Facebook\Games\FacebookGames.exe ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{32c1b25b-27e5-40d0-a516-b4cb730fbec8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D31690B8-FB6D-47AC-ACD2-8385ACF9AFA0}&mid=7a830aa6b6a747cfa8e8d158647c9fa7-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-11-14 20:36:02&v=4.3.6.255&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-1474751279-1854839113-270172752-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1474751279-1854839113-270172752-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D31690B8-FB6D-47AC-ACD2-8385ACF9AFA0}&mid=7a830aa6b6a747cfa8e8d158647c9fa7-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-11-14 20:36:02&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1474751279-1854839113-270172752-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D31690B8-FB6D-47AC-ACD2-8385ACF9AFA0}&mid=7a830aa6b6a747cfa8e8d158647c9fa7-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-11-14 20:36:02&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-11-14] (AVG)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-15] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-11-14] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-15] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106 [2016-12-19]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106 -> Google
FF Extension: (AVG Web TuneUp) - C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\Extensions\[email protected] [2016-11-14]
FF Extension: (Greasemonkey) - C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-19]
FF SearchPlugin: C:\Users\CJJones\AppData\Roaming\Mozilla\Firefox\Profiles\esrkuqyz.default-1459640370106\searchplugins\avg-secure-search.xml [2016-11-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-06-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-06-14] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1474751279-1854839113-270172752-1004: @nsroblox.roblox.com/launcher -> C:\Users\Tyler\AppData\Local\Roblox\Versions\version-cdc47f439edb4527\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1474751279-1854839113-270172752-1004: @nsroblox.roblox.com/launcher64 -> C:\Users\Tyler\AppData\Local\Roblox\Versions\version-cdc47f439edb4527\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome:
=======
CHR Profile: C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default [2016-12-18]
CHR Extension: (Google Slides) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
CHR Extension: (Google Docs) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
CHR Extension: (Google Drive) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Google Search) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Superman Theme (Red-on-Blue)) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmodppofjbaoggbchnngcaljngfffloj [2016-03-10]
CHR Extension: (Google Sheets) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (FiB) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpheinlpjdffpdakjegbcphdfeekpnn [2016-11-15]
CHR Extension: (Gmail) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\CJJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-07-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-07-21] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-10-18] (NVIDIA Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-10-18] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-10-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-10-18] (NVIDIA Corporation)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095440 2016-06-14] (RealNetworks, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-11-14] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-11-14] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.) [File not signed]
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-21] (Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-08-03] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-19 13:27 - 2016-12-19 13:27 - 00022780 _____ C:\Users\CJJones\Downloads\FRST.txt
2016-12-19 13:27 - 2016-12-19 13:27 - 00000000 ____D C:\FRST
2016-12-19 13:26 - 2016-12-19 13:26 - 02420224 _____ (Farbar) C:\Users\CJJones\Downloads\FRST64.exe
2016-12-18 18:31 - 2016-12-18 18:31 - 01286218 _____ C:\WINDOWS\SysWOW64\rsslogs.20161218183123
2016-12-18 14:34 - 2016-12-18 14:34 - 00126906 _____ C:\Users\CJJones\Downloads\Extras.Txt
2016-12-18 14:33 - 2016-12-18 14:33 - 00179410 _____ C:\Users\CJJones\Downloads\OTL.Txt
2016-12-18 14:16 - 2016-12-18 14:17 - 00602112 _____ (OldTimer Tools) C:\Users\CJJones\Downloads\OTL.exe
2016-12-18 13:33 - 2016-12-18 18:31 - 00337071 _____ C:\WINDOWS\SysWOW64\rsslogs.20161218133239
2016-12-17 14:40 - 2016-12-17 14:40 - 01541585 _____ C:\WINDOWS\SysWOW64\rsslogs.20161217143936
2016-12-17 09:42 - 2016-12-17 14:40 - 00337105 _____ C:\WINDOWS\SysWOW64\rsslogs.20161217094108
2016-12-17 09:35 - 2016-12-17 09:35 - 00004516 _____ C:\WINDOWS\SysWOW64\rsslogs.20161217093459
2016-12-16 14:47 - 2016-12-17 09:35 - 00003394 _____ C:\WINDOWS\SysWOW64\rsslogs.20161216144657
2016-12-16 14:09 - 2016-12-16 14:09 - 00033906 _____ C:\WINDOWS\SysWOW64\rsslogs.20161216140852
2016-12-15 13:00 - 2016-12-16 14:09 - 00125444 _____ C:\WINDOWS\SysWOW64\rsslogs.20161215125945
2016-12-15 01:33 - 2016-12-15 01:33 - 08803648 _____ (Piriform Ltd) C:\Users\CJJones\Downloads\ccsetup525.exe
2016-12-15 01:29 - 2016-12-15 01:29 - 00000000 ___HD C:\$Windows.~WS
2016-12-15 01:29 - 2016-12-15 01:29 - 00000000 ____D C:\$WINDOWS.~BT
2016-12-15 01:15 - 2016-12-15 01:15 - 00000000 ____D C:\Users\CJJones\Desktop\Logo
2016-12-14 18:07 - 2016-12-14 18:07 - 01236794 _____ C:\WINDOWS\SysWOW64\rsslogs.20161214180705
2016-12-13 22:33 - 2016-12-13 22:33 - 20364888 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-12-13 18:07 - 2016-12-14 18:07 - 01629948 _____ C:\WINDOWS\SysWOW64\rsslogs.20161213180705
2016-12-13 13:09 - 2016-12-13 18:07 - 00337035 _____ C:\WINDOWS\SysWOW64\rsslogs.20161213130842
2016-12-12 23:23 - 2016-12-12 23:23 - 00930467 _____ C:\WINDOWS\SysWOW64\rsslogs.20161212232331
2016-12-12 19:23 - 2016-12-13 11:03 - 00000000 ____D C:\Users\CJJones\Desktop\Leigha Gishwes buttoms
2016-12-12 07:40 - 2016-12-12 07:40 - 00118305 _____ C:\Users\CJJones\Downloads\document(1).pdf
2016-12-11 23:23 - 2016-12-12 23:23 - 01628109 _____ C:\WINDOWS\SysWOW64\rsslogs.20161211232331
2016-12-11 18:25 - 2016-12-11 23:23 - 00336970 _____ C:\WINDOWS\SysWOW64\rsslogs.20161211182439
2016-12-10 11:19 - 2016-12-10 11:19 - 01575160 _____ C:\WINDOWS\SysWOW64\rsslogs.20161210111841
2016-12-10 06:21 - 2016-12-10 11:19 - 00336887 _____ C:\WINDOWS\SysWOW64\rsslogs.20161210062014
2016-12-09 15:58 - 2016-12-09 15:59 - 00072841 _____ C:\Users\CJJones\Desktop\Sites-hottopic-Site.pdf
2016-12-09 15:29 - 2016-12-09 15:29 - 00000000 ____D C:\Users\CJJones\AppData\LocalLow\Google
2016-12-09 15:29 - 2016-12-09 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-12-09 15:27 - 2016-12-09 15:27 - 01065376 _____ (Google Inc.) C:\Users\CJJones\Downloads\GoogleEarthSetup.exe
2016-12-09 11:59 - 2016-12-09 11:59 - 16279288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-12-09 11:58 - 2016-12-09 11:58 - 17722448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-12-09 11:58 - 2016-12-09 11:58 - 14046888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-09 11:58 - 2016-12-09 11:58 - 13957376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-09 11:58 - 2016-12-09 11:58 - 11378672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-09 11:58 - 2016-12-09 11:58 - 11315752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-09 11:46 - 2016-12-09 11:46 - 31532728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-09 11:45 - 2016-12-09 11:45 - 24217784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-09 11:45 - 2016-12-09 11:45 - 00960576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-09 11:45 - 2016-12-09 11:45 - 00923200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-09 11:38 - 2016-12-09 11:38 - 04262584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-09 11:38 - 2016-12-09 11:38 - 04004536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-09 11:38 - 2016-12-09 11:38 - 01917640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434201.dll
2016-12-09 11:38 - 2016-12-09 11:38 - 00919104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-09 11:38 - 2016-12-09 11:38 - 00885824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-09 11:37 - 2016-12-09 11:37 - 23009344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-12-09 11:37 - 2016-12-09 11:37 - 15310400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-09 11:18 - 2016-12-09 11:18 - 01566920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434201.dll
2016-12-09 00:27 - 2016-12-15 01:51 - 00000000 ____D C:\Users\CJJones\AppData\Local\CrashDumps
2016-12-07 20:02 - 2016-12-07 20:02 - 00000138 _____ C:\Users\CJJones\Desktop\Dec Clan Wars.url
2016-12-07 19:59 - 2016-12-07 19:59 - 00000696 _____ C:\Users\CJJones\Desktop\Perfect Burger.txt
2016-12-07 11:27 - 2016-04-14 17:17 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2016-12-07 11:25 - 2016-03-10 08:03 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2016-12-07 11:13 - 2016-12-07 11:32 - 00000101 _____ C:\Users\CJJones\Desktop\Upcoming Cook Jobs.txt
2016-12-06 12:08 - 2016-12-09 12:08 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-11-30 16:53 - 2016-11-30 19:54 - 00000887 _____ C:\Users\CJJones\Documents\kaleyscage.txt
2016-11-28 12:01 - 2016-11-28 12:01 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-25 22:36 - 2016-11-25 22:36 - 00055189 _____ C:\Users\CJJones\Documents\Hot Topic Checkout Confirmation.pdf
2016-11-25 21:54 - 2016-11-25 21:54 - 00037565 _____ C:\Users\CJJones\Documents\WWE Shop reciept Confirmation Checkout page.pdf
2016-11-23 19:38 - 2016-11-23 19:38 - 00137676 _____ C:\Users\CJJones\Documents\Open Burn Pit Registry.pdf
2016-11-20 20:06 - 2016-12-15 01:34 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-20 20:05 - 2016-11-20 20:05 - 08576448 _____ (Piriform Ltd) C:\Users\CJJones\Downloads\ccsetup524.exe
2016-11-20 12:35 - 2016-12-19 13:25 - 00000000 ____D C:\Users\CJJones\AppData\LocalLow\Mozilla

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-19 13:16 - 2016-09-22 02:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-19 12:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-19 06:15 - 2015-10-28 19:53 - 00000000 ____D C:\ProgramData\MFAData
2016-12-19 02:35 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-18 17:40 - 2016-09-22 03:01 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-12-18 13:35 - 2016-09-22 02:41 - 00000000 ____D C:\Users\Tyler
2016-12-18 13:35 - 2016-09-22 02:41 - 00000000 ____D C:\Users\Admin
2016-12-18 13:33 - 2016-09-22 02:41 - 00000000 ____D C:\Users\CJJones
2016-12-18 13:32 - 2016-11-17 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-18 13:32 - 2016-09-22 03:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-18 13:32 - 2016-06-18 16:56 - 00000000 ____D C:\ProgramData\VMware
2016-12-18 13:32 - 2015-12-27 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-18 13:06 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-17 18:42 - 2016-09-22 03:01 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 18:42 - 2016-09-22 03:01 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 13:02 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-17 11:51 - 2016-09-22 02:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-17 11:49 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-17 11:49 - 2015-10-28 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-17 09:48 - 2015-10-31 16:14 - 00000000 ____D C:\Users\CJJones\Desktop\New folder
2016-12-17 09:47 - 2016-09-22 02:41 - 00007162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-17 09:39 - 2016-07-16 01:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-15 12:59 - 2015-10-28 21:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-15 01:30 - 2016-09-22 06:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-15 01:30 - 2016-09-22 03:08 - 00023424 _____ C:\WINDOWS\diagwrn.xml
2016-12-15 01:30 - 2016-09-22 03:08 - 00021556 _____ C:\WINDOWS\diagerr.xml
2016-12-13 22:33 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 22:33 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 13:57 - 2015-10-28 15:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-13 13:53 - 2015-10-28 15:29 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-12 07:41 - 2015-11-10 14:19 - 00000000 ____D C:\Users\CJJones\AppData\Roaming\Nitro PDF
2016-12-11 18:56 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 18:56 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 16:42 - 2015-09-06 10:32 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-09 15:29 - 2015-09-06 01:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-09 12:08 - 2016-03-08 07:25 - 00002409 _____ C:\Users\CJJones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 12:08 - 2016-03-08 07:25 - 00000000 ___RD C:\Users\CJJones\OneDrive
2016-12-09 11:59 - 2016-05-02 22:50 - 18806712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-12-09 11:58 - 2016-11-15 20:19 - 02856736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-09 11:58 - 2016-05-02 22:50 - 14634024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-12-09 11:58 - 2016-05-02 22:50 - 03245408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-09 11:45 - 2016-05-02 22:50 - 12914360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-12-07 11:37 - 2016-06-18 16:59 - 00000000 ____D C:\Users\CJJones\AppData\Roaming\VMware
2016-12-07 11:25 - 2016-06-18 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2016-12-02 03:18 - 2016-03-08 07:17 - 00000000 ____D C:\Users\CJJones\AppData\Local\Packages
2016-11-28 12:01 - 2015-10-28 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-23 20:16 - 2015-11-09 21:13 - 00000542 _____ C:\Users\CJJones\Desktop\2016 Thanksgiving Turkeys.txt
2016-11-21 17:29 - 2015-10-28 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-11-20 14:35 - 2016-11-16 11:51 - 00000000 ____D C:\Users\CJJones\Desktop\dashcam
2016-11-20 12:34 - 2016-11-04 21:57 - 00000000 ____D C:\Users\CJJones\Desktop\Birdsong
2016-11-20 12:33 - 2016-11-04 21:57 - 00000000 ____D C:\Users\CJJones\Desktop\PSJHWSBL
2016-11-20 12:33 - 2016-11-04 21:57 - 00000000 ____D C:\Users\CJJones\Desktop\Kyles Wedding rehearsal
2016-11-20 12:31 - 2016-11-04 22:29 - 00000000 ____D C:\Users\CJJones\Desktop\FishDip

==================== Files in the root of some directories =======

2015-09-06 02:10 - 2015-08-05 12:15 - 19648448 _____ (Microsoft Corporation) C:\Program Files\MediaCreationToolx64.exe
2015-12-01 00:17 - 2015-12-01 00:17 - 0000003 _____ () C:\Users\CJJones\AppData\Local\updater.log
2015-12-01 00:17 - 2016-08-06 23:20 - 0000424 _____ () C:\Users\CJJones\AppData\Local\UserProducts.xml
2016-09-22 02:36 - 2016-09-22 02:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\CJJones\AppData\Local\Temp\lowproc.exe
C:\Users\CJJones\AppData\Local\Temp\stubhelper.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-15 03:15

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by CJJones (19-12-2016 13:28:07)
Running from C:\Users\CJJones\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-22 08:12:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-1474751279-1854839113-270172752-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1474751279-1854839113-270172752-500 - Administrator - Disabled)
CJJones (S-1-5-21-1474751279-1854839113-270172752-1001 - Administrator - Enabled) => C:\Users\CJJones
DefaultAccount (S-1-5-21-1474751279-1854839113-270172752-503 - Limited - Disabled)
Guest (S-1-5-21-1474751279-1854839113-270172752-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474751279-1854839113-270172752-1003 - Limited - Enabled)
Tyler (S-1-5-21-1474751279-1854839113-270172752-1004 - Administrator - Enabled) => C:\Users\Tyler

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Andy OS (HKLM\...\Andy OS) (Version: 46.2 - Andy OS, Inc)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.41.6024 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Facebook Games Arcade 0.11.2.4 (HKLM-x32\...\{923578AC-231E-4A7C-8AB8-A90C16B8A507}) (Version: 0.11.2.4 - Facebook)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1474751279-1854839113-270172752-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - )
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.26.0 - Ralink)
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7599 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
ROBLOX Player for Tyler (HKU\S-1-5-21-1474751279-1854839113-270172752-1004\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.3.00000 - VMware, Inc.)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05DAAC44-D65D-4019-8A3D-C91A08F41098} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0EFE3BCD-7671-4189-A0F7-2B13FD3DA437} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {0FEA1089-CD7E-44FB-A6E6-C204AC944C76} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14746BB9-7C05-4C25-B887-87E88C3C3778} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1DCF1735-E90A-46BA-B2C7-447DE78523FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1F0878ED-A504-4A2C-B729-2BAD4D0C4269} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38961E45-718A-4610-AE9F-3D93C0E04FCD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C95D748-5307-4C60-A4A0-85063FEE5F8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {40838F16-8D7C-40C5-B2B6-2EEE0A8F5012} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40DDC693-0125-4CAC-86EE-67CC3B918182} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1474751279-1854839113-270172752-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {4155FE74-F659-4E9E-A075-6325A3EA50A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {441D41B9-3796-4472-9D63-059D4AB945AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {45B574DD-71F1-4298-AF02-EFD45A45B216} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {4ABEDFDD-AAB7-4092-81F3-3BFF71030BAC} - System32\Tasks\update-S-1-5-21-1474751279-1854839113-270172752-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {5145F6A9-81CD-41A5-A8CA-AE096F833229} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {587C3C72-A350-400E-9CAA-6F39C165DEAF} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {592563A6-9F10-45C2-8AAC-73F3C01F60AE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B518DCA-CE78-4569-8A82-9B8E3DFF673E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {5D5DC49F-DEA4-4066-A6AE-D6B75F9DD946} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1474751279-1854839113-270172752-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {688AB030-E2DB-48E4-87E8-1CE185EE5CEC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {690C6A36-3367-4981-A345-6814D7A4F7C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6CCA7AF6-9E43-4CCB-A9F7-2F28981B8C17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73E40931-0D4C-44EF-8447-CE8867349ADD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7A92ED46-DEFE-4166-A9E3-8C16C6DD0E28} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EDA6606-D74F-4F76-8C67-599B2F715025} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {89EFD465-9A4D-488C-87BD-28A8CA747516} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {954CAC34-1BEF-4585-A7B1-B410736040D2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9692FE90-78FD-4389-A895-639D2D4CB0FD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {96ABC98A-60F2-4187-A989-279CDBD46499} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {99B29A06-491A-40E0-8974-E4A349704772} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] ()
Task: {A0E268C1-044E-41E2-885C-E2C44530D30E} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {A13A54C5-EA36-4A0F-9D39-798AF3F11FB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A584AC8A-C461-4E33-ACA7-12482AD23FB9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A66DA826-0F17-48F8-B9A5-956F7CA7C1FC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6F91B90-3708-49DC-9BC8-AA49E879745C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BACB8CF7-1292-42E4-9277-DFF04F5869D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C0C3737E-1E35-4DE9-B27A-A26A4C7F4967} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C3F00001-D4AD-405B-82AC-45A1FBD2EB15} - System32\Tasks\{88A897D9-959E-43D8-BFDB-C2D2B0D43C80} => pcalua.exe -a "C:\Photoshop 6.0\Photoshp.exe" -c "C:\Users\CJJones\Desktop\celtic weave attempt.jpg"
Task: {C57F7729-1ABD-45A9-B12D-FB12526768D9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C592AF50-06CE-44F3-BA52-BEAF65BA33AD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5A4C70B-B368-4441-BDA2-60B43BAA6241} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C71D83A1-5079-478C-974B-F3A98D8F06AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {CC6AB55F-C401-4DAD-801F-B16BE5C797BB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8F23991-9911-4290-8A16-7C58E345EA92} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D914A3A2-B8D4-4997-8D83-12F433DBD669} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {EE8D3321-6E56-4D14-88AC-433176B280A8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {EF693315-4E77-4D1B-8AA7-82585421F7A5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EFFAFE64-6A9A-46A4-8F05-67C05EC56746} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7FC2512-0DD7-40F3-BF98-CDC9029312F8} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1474751279-1854839113-270172752-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {FE7D2A36-59D0-4378-8640-233343FC2B0A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1474751279-1854839113-270172752-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 19:43 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-14 15:35 - 2016-11-14 15:35 - 00980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-09-22 02:37 - 2016-11-14 06:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-11-15 20:24 - 2016-10-18 13:42 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-29 19:43 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-09 12:07 - 2016-12-09 12:07 - 01678560 _____ () C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-09-22 06:27 - 2016-09-22 06:27 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 13:06 - 2016-10-05 04:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-11 13:07 - 2016-10-05 04:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-11 13:07 - 2016-10-05 04:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-11 13:07 - 2016-10-05 04:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-11 13:07 - 2016-10-05 04:13 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-11 13:07 - 2016-10-05 04:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-11 13:07 - 2016-10-05 04:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-05 17:18 - 2016-07-05 17:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-11-14 15:35 - 2016-11-14 15:35 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-12-14 09:18 - 2016-12-14 09:18 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 09:18 - 2016-12-14 09:18 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 09:18 - 2016-12-14 09:18 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 09:18 - 2016-12-14 09:18 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-23 06:15 - 2016-11-23 06:15 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 06:15 - 2016-11-23 06:15 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-02 21:36 - 2016-06-02 21:37 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 06:15 - 2016-11-23 06:15 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 06:15 - 2016-11-23 06:15 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-04-14 17:17 - 2016-04-14 17:17 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-11-15 20:24 - 2016-10-18 13:42 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-09 12:07 - 2016-12-09 12:07 - 01244376 _____ () C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-05-13 13:20 - 2016-05-13 13:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-06-14 21:21 - 2016-06-14 21:21 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2016-07-05 17:18 - 2016-07-05 17:18 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2016-11-28 11:59 - 2016-11-28 11:59 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\CJJones\Desktop\B001IHOMT8 BMP.bmp:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\CJJones\Desktop\B001IHOMT8 BMP.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\CJJones\Desktop\Grocery - Angel Hair pasta.bmp:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\CJJones\Desktop\Grocery - Angel Hair pasta.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\CJJones\Desktop\Grocery - SPAGHETTI.bmp:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\CJJones\Desktop\Grocery - SPAGHETTI.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1474751279-1854839113-270172752-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1474751279-1854839113-270172752-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\...\StartupApproved\StartupFolder: => "Facebook Games Arcade (BETA).lnk"
HKU\S-1-5-21-1474751279-1854839113-270172752-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{7B0462C7-4C76-4A57-B3E0-BF654A01D380}] => C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{11489737-5FB3-435D-9F8B-5A1D37C2B59A}] => C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{1A7C0454-890A-4547-AD28-AC9258A02F2E}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{31A6E663-61FF-4F21-A216-04DC64A413FB}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{2F3F1752-5C05-468C-B252-6CF3127B574D}] => C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{7B02EFDE-1410-4BF7-9A60-DAEBF5D8092E}] => C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{3FCDC72F-AAB8-4C61-BC6B-7A0C83E0CA7F}] => C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{25F3C686-B5DC-4A57-BBCD-BC98C641484B}] => C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{2572BD2C-37A6-4E48-B0EF-0075192663C6}] => C:\Program Files\Andy\andy.exe
FirewallRules: [{C79BF894-DEB4-4266-9AB0-A8E565453375}] => C:\Program Files\Andy\andy.exe
FirewallRules: [{05EB38FD-9D93-4BD2-BC6F-C8DAF06A4011}] => c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{DC9BA224-437E-4E0C-BC1F-D9F8633F18BD}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D65D0B0-4160-4179-8873-2E4CCCB7A50C}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33244004-E347-485E-8181-7DC16909BED9}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1066FD89-C27C-4170-A817-685BCDB2735E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B4E9C1A3-1D02-4F21-AD78-8BBEBE4E96C2}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{ACEBA5BB-31AB-4A30-B1CB-163881A293A6}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{1B8BF5FD-263A-41AA-BE88-0869A172B3D2}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C7FDDF0-26DB-4644-B427-440B4F2089DC}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D257F998-D94A-4CB4-9971-33C7FA4BBFE4}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{37A661BC-2D8D-4EB8-8C8E-DEE0FA5BD033}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{CAC5F913-3DEE-4914-B75D-11F637A9BD1E}C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{073DEA4A-D715-48D5-86E5-BBDC13AC95F4}C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\tyler\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{94E2651E-8FC9-463A-A0B3-E1B0F62E49DF}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ACFF5811-30F0-4E98-BA26-DFAF36332083}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{74D6F441-8C0B-497D-B09C-794A1F734BF3}C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6BB25D36-6F44-41F7-B5D2-33F2BE1E9D80}C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\cjjones\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{97401F76-A79B-40B3-B19E-30D50D4D72F8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E0543358-42C9-44BF-B3AE-755650AA4D71}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{27054CD0-8CEA-418B-84A2-5738E3D85267}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{14A3301E-0CF5-4756-9D61-BCC2444D7792}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83166C40-51B4-4825-8E77-A147018C54EC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0950BBF0-05E2-46F4-ACAE-325AFAC0F0A2}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3BE6925F-3F4A-4F03-B162-F20A4DF9450A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{FB56FAFC-87B0-4E0D-83F7-98344C3CD33B}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3FC57C0A-6770-4B6F-B7C3-7368E17773EE}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F5F7D063-D8F8-43A5-9241-710FF6BD4E07}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

05-12-2016 15:18:40 Scheduled Checkpoint
13-12-2016 13:53:13 Windows Update
16-12-2016 14:35:17 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2016 02:02:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/18/2016 02:02:19 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2016 02:01:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/18/2016 02:01:00 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2016 02:00:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/18/2016 02:00:50 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2016 02:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/18/2016 02:00:40 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (12/18/2016 02:00:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (2188) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/18/2016 02:00:30 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2188) WebCacheLocal: An attempt to open the file "C:\Users\CJJones\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (12/18/2016 01:33:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/18/2016 01:33:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/18/2016 01:33:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/18/2016 01:33:28 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (12/18/2016 01:32:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (12/18/2016 01:32:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (12/18/2016 01:31:50 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Error: (12/18/2016 01:32:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:00:41 PM on ‎12/‎18/‎2016 was unexpected.

Error: (12/17/2016 12:50:44 PM) (Source: DCOM) (EventID: 10016) (User: CJJones-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user CJJones-PC\CJJones SID (S-1-5-21-1474751279-1854839113-270172752-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.

Error: (12/17/2016 12:50:05 PM) (Source: DCOM) (EventID: 10016) (User: CJJones-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user CJJones-PC\CJJones SID (S-1-5-21-1474751279-1854839113-270172752-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2016-12-19 13:27:06.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 13:27:06.727
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 13:26:55.058
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 13:26:55.056
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:57.177
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:55.882
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:44.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:43.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:43.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-19 06:15:43.822
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 35%
Total physical RAM: 8191.16 MB
Available physical RAM: 5307.07 MB
Total Virtual: 16383.16 MB
Available Virtual: 13406.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.47 GB) (Free:11.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 48461FA1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

2016-12-19 18:19:11, Info                  CSI    00000008 [SR] Verifying 100 components
2016-12-19 18:19:11, Info                  CSI    00000009 [SR] Beginning Verify and Repair transaction
2016-12-19 18:19:22, Info                  CSI    0000006f [SR] Verify complete
2016-12-19 18:19:22, Info                  CSI    00000070 [SR] Verifying 100 components
2016-12-19 18:19:22, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2016-12-19 18:19:31, Info                  CSI    000000d7 [SR] Verify complete
2016-12-19 18:19:31, Info                  CSI    000000d8 [SR] Verifying 100 components
2016-12-19 18:19:31, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2016-12-19 18:19:40, Info                  CSI    0000013f [SR] Verify complete
2016-12-19 18:19:40, Info                  CSI    00000140 [SR] Verifying 100 components
2016-12-19 18:19:40, Info                  CSI    00000141 [SR] Beginning Verify and Repair transaction
2016-12-19 18:19:49, Info                  CSI    000001a7 [SR] Verify complete
2016-12-19 18:19:49, Info                  CSI    000001a8 [SR] Verifying 100 components
2016-12-19 18:19:49, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2016-12-19 18:19:58, Info                  CSI    0000020e [SR] Verify complete
2016-12-19 18:19:58, Info                  CSI    0000020f [SR] Verifying 100 components
2016-12-19 18:19:58, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:07, Info                  CSI    00000275 [SR] Verify complete
2016-12-19 18:20:07, Info                  CSI    00000276 [SR] Verifying 100 components
2016-12-19 18:20:07, Info                  CSI    00000277 [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:16, Info                  CSI    000002dd [SR] Verify complete
2016-12-19 18:20:16, Info                  CSI    000002de [SR] Verifying 100 components
2016-12-19 18:20:16, Info                  CSI    000002df [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:24, Info                  CSI    00000344 [SR] Verify complete
2016-12-19 18:20:24, Info                  CSI    00000345 [SR] Verifying 100 components
2016-12-19 18:20:24, Info                  CSI    00000346 [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:33, Info                  CSI    000003ac [SR] Verify complete
2016-12-19 18:20:33, Info                  CSI    000003ad [SR] Verifying 100 components
2016-12-19 18:20:33, Info                  CSI    000003ae [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:41, Info                  CSI    00000413 [SR] Verify complete
2016-12-19 18:20:41, Info                  CSI    00000414 [SR] Verifying 100 components
2016-12-19 18:20:41, Info                  CSI    00000415 [SR] Beginning Verify and Repair transaction
2016-12-19 18:20:52, Info                  CSI    0000047d [SR] Verify complete
2016-12-19 18:20:53, Info                  CSI    0000047e [SR] Verifying 100 components
2016-12-19 18:20:53, Info                  CSI    0000047f [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:02, Info                  CSI    000004e5 [SR] Verify complete
2016-12-19 18:21:02, Info                  CSI    000004e6 [SR] Verifying 100 components
2016-12-19 18:21:02, Info                  CSI    000004e7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:10, Info                  CSI    0000054c [SR] Verify complete
2016-12-19 18:21:10, Info                  CSI    0000054d [SR] Verifying 100 components
2016-12-19 18:21:10, Info                  CSI    0000054e [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:18, Info                  CSI    000005b3 [SR] Verify complete
2016-12-19 18:21:18, Info                  CSI    000005b4 [SR] Verifying 100 components
2016-12-19 18:21:18, Info                  CSI    000005b5 [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:24, Info                  CSI    0000061b [SR] Verify complete
2016-12-19 18:21:24, Info                  CSI    0000061c [SR] Verifying 100 components
2016-12-19 18:21:24, Info                  CSI    0000061d [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:31, Info                  CSI    00000683 [SR] Verify complete
2016-12-19 18:21:31, Info                  CSI    00000684 [SR] Verifying 100 components
2016-12-19 18:21:31, Info                  CSI    00000685 [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:39, Info                  CSI    000006eb [SR] Verify complete
2016-12-19 18:21:39, Info                  CSI    000006ec [SR] Verifying 100 components
2016-12-19 18:21:39, Info                  CSI    000006ed [SR] Beginning Verify and Repair transaction
2016-12-19 18:21:48, Info                  CSI    00000753 [SR] Verify complete
2016-12-19 18:21:48, Info                  CSI    00000754 [SR] Verifying 100 components
2016-12-19 18:21:48, Info                  CSI    00000755 [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:00, Info                  CSI    000007ba [SR] Verify complete
2016-12-19 18:22:01, Info                  CSI    000007bb [SR] Verifying 100 components
2016-12-19 18:22:01, Info                  CSI    000007bc [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:09, Info                  CSI    00000821 [SR] Verify complete
2016-12-19 18:22:09, Info                  CSI    00000822 [SR] Verifying 100 components
2016-12-19 18:22:09, Info                  CSI    00000823 [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:18, Info                  CSI    00000889 [SR] Verify complete
2016-12-19 18:22:18, Info                  CSI    0000088a [SR] Verifying 100 components
2016-12-19 18:22:18, Info                  CSI    0000088b [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:27, Info                  CSI    000008f0 [SR] Verify complete
2016-12-19 18:22:27, Info                  CSI    000008f1 [SR] Verifying 100 components
2016-12-19 18:22:27, Info                  CSI    000008f2 [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:35, Info                  CSI    00000957 [SR] Verify complete
2016-12-19 18:22:35, Info                  CSI    00000958 [SR] Verifying 100 components
2016-12-19 18:22:35, Info                  CSI    00000959 [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:43, Info                  CSI    000009c0 [SR] Verify complete
2016-12-19 18:22:44, Info                  CSI    000009c1 [SR] Verifying 100 components
2016-12-19 18:22:44, Info                  CSI    000009c2 [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:51, Info                  CSI    00000a28 [SR] Verify complete
2016-12-19 18:22:51, Info                  CSI    00000a29 [SR] Verifying 100 components
2016-12-19 18:22:51, Info                  CSI    00000a2a [SR] Beginning Verify and Repair transaction
2016-12-19 18:22:58, Info                  CSI    00000a90 [SR] Verify complete
2016-12-19 18:22:58, Info                  CSI    00000a91 [SR] Verifying 100 components
2016-12-19 18:22:58, Info                  CSI    00000a92 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:08, Info                  CSI    00000b04 [SR] Verify complete
2016-12-19 18:23:08, Info                  CSI    00000b05 [SR] Verifying 100 components
2016-12-19 18:23:08, Info                  CSI    00000b06 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:14, Info                  CSI    00000b6b [SR] Verify complete
2016-12-19 18:23:14, Info                  CSI    00000b6c [SR] Verifying 100 components
2016-12-19 18:23:14, Info                  CSI    00000b6d [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:20, Info                  CSI    00000bd5 [SR] Verify complete
2016-12-19 18:23:20, Info                  CSI    00000bd6 [SR] Verifying 100 components
2016-12-19 18:23:20, Info                  CSI    00000bd7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:27, Info                  CSI    00000c45 [SR] Verify complete
2016-12-19 18:23:27, Info                  CSI    00000c46 [SR] Verifying 100 components
2016-12-19 18:23:27, Info                  CSI    00000c47 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:33, Info                  CSI    00000caf [SR] Verify complete
2016-12-19 18:23:34, Info                  CSI    00000cb0 [SR] Verifying 100 components
2016-12-19 18:23:34, Info                  CSI    00000cb1 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:39, Info                  CSI    00000d16 [SR] Verify complete
2016-12-19 18:23:39, Info                  CSI    00000d17 [SR] Verifying 100 components
2016-12-19 18:23:39, Info                  CSI    00000d18 [SR] Beginning Verify and Repair transaction
2016-12-19 18:23:50, Info                  CSI    00000d86 [SR] Verify complete
2016-12-19 18:23:50, Info                  CSI    00000d87 [SR] Verifying 100 components
2016-12-19 18:23:50, Info                  CSI    00000d88 [SR] Beginning Verify and Repair transaction
2016-12-19 18:24:05, Info                  CSI    00000e0e [SR] Verify complete
2016-12-19 18:24:05, Info                  CSI    00000e0f [SR] Verifying 100 components
2016-12-19 18:24:05, Info                  CSI    00000e10 [SR] Beginning Verify and Repair transaction
2016-12-19 18:24:22, Info                  CSI    00000e81 [SR] Verify complete
2016-12-19 18:24:22, Info                  CSI    00000e82 [SR] Verifying 100 components
2016-12-19 18:24:22, Info                  CSI    00000e83 [SR] Beginning Verify and Repair transaction
2016-12-19 18:24:36, Info                  CSI    00000ef5 [SR] Verify complete
2016-12-19 18:24:36, Info                  CSI    00000ef6 [SR] Verifying 100 components
2016-12-19 18:24:36, Info                  CSI    00000ef7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:24:46, Info                  CSI    00000f5f [SR] Verify complete
2016-12-19 18:24:46, Info                  CSI    00000f60 [SR] Verifying 100 components
2016-12-19 18:24:46, Info                  CSI    00000f61 [SR] Beginning Verify and Repair transaction
2016-12-19 18:24:57, Info                  CSI    00000fd5 [SR] Verify complete
2016-12-19 18:24:57, Info                  CSI    00000fd6 [SR] Verifying 100 components
2016-12-19 18:24:57, Info                  CSI    00000fd7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:25:05, Info                  CSI    0000106c [SR] Verify complete
2016-12-19 18:25:05, Info                  CSI    0000106d [SR] Verifying 100 components
2016-12-19 18:25:05, Info                  CSI    0000106e [SR] Beginning Verify and Repair transaction
2016-12-19 18:25:19, Info                  CSI    00001113 [SR] Verify complete
2016-12-19 18:25:19, Info                  CSI    00001114 [SR] Verifying 100 components
2016-12-19 18:25:19, Info                  CSI    00001115 [SR] Beginning Verify and Repair transaction
2016-12-19 18:25:32, Info                  CSI    0000117d [SR] Verify complete
2016-12-19 18:25:32, Info                  CSI    0000117e [SR] Verifying 100 components
2016-12-19 18:25:32, Info                  CSI    0000117f [SR] Beginning Verify and Repair transaction
2016-12-19 18:25:43, Info                  CSI    000011e4 [SR] Verify complete
2016-12-19 18:25:43, Info                  CSI    000011e5 [SR] Verifying 100 components
2016-12-19 18:25:43, Info                  CSI    000011e6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:25:49, Info                  CSI    0000124b [SR] Verify complete
2016-12-19 18:25:49, Info                  CSI    0000124c [SR] Verifying 100 components
2016-12-19 18:25:49, Info                  CSI    0000124d [SR] Beginning Verify and Repair transaction
2016-12-19 18:26:06, Info                  CSI    000012b8 [SR] Verify complete
2016-12-19 18:26:06, Info                  CSI    000012b9 [SR] Verifying 100 components
2016-12-19 18:26:06, Info                  CSI    000012ba [SR] Beginning Verify and Repair transaction
2016-12-19 18:26:26, Info                  CSI    00001321 [SR] Verify complete
2016-12-19 18:26:26, Info                  CSI    00001322 [SR] Verifying 100 components
2016-12-19 18:26:26, Info                  CSI    00001323 [SR] Beginning Verify and Repair transaction
2016-12-19 18:26:39, Info                  CSI    000013cc [SR] Verify complete
2016-12-19 18:26:39, Info                  CSI    000013cd [SR] Verifying 100 components
2016-12-19 18:26:39, Info                  CSI    000013ce [SR] Beginning Verify and Repair transaction
2016-12-19 18:26:52, Info                  CSI    00001474 [SR] Verify complete
2016-12-19 18:26:52, Info                  CSI    00001475 [SR] Verifying 100 components
2016-12-19 18:26:52, Info                  CSI    00001476 [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:03, Info                  CSI    000014fc [SR] Verify complete
2016-12-19 18:27:03, Info                  CSI    000014fd [SR] Verifying 100 components
2016-12-19 18:27:03, Info                  CSI    000014fe [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:15, Info                  CSI    0000156d [SR] Verify complete
2016-12-19 18:27:16, Info                  CSI    0000156e [SR] Verifying 100 components
2016-12-19 18:27:16, Info                  CSI    0000156f [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:27, Info                  CSI    000015e1 [SR] Verify complete
2016-12-19 18:27:27, Info                  CSI    000015e2 [SR] Verifying 100 components
2016-12-19 18:27:27, Info                  CSI    000015e3 [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:37, Info                  CSI    00001660 [SR] Verify complete
2016-12-19 18:27:37, Info                  CSI    00001661 [SR] Verifying 100 components
2016-12-19 18:27:37, Info                  CSI    00001662 [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:45, Info                  CSI    000016d9 [SR] Verify complete
2016-12-19 18:27:45, Info                  CSI    000016da [SR] Verifying 100 components
2016-12-19 18:27:45, Info                  CSI    000016db [SR] Beginning Verify and Repair transaction
2016-12-19 18:27:56, Info                  CSI    00001743 [SR] Verify complete
2016-12-19 18:27:56, Info                  CSI    00001744 [SR] Verifying 100 components
2016-12-19 18:27:56, Info                  CSI    00001745 [SR] Beginning Verify and Repair transaction
2016-12-19 18:28:04, Info                  CSI    000017aa [SR] Verify complete
2016-12-19 18:28:05, Info                  CSI    000017ab [SR] Verifying 100 components
2016-12-19 18:28:05, Info                  CSI    000017ac [SR] Beginning Verify and Repair transaction
2016-12-19 18:28:15, Info                  CSI    00001812 [SR] Verify complete
2016-12-19 18:28:15, Info                  CSI    00001813 [SR] Verifying 100 components
2016-12-19 18:28:15, Info                  CSI    00001814 [SR] Beginning Verify and Repair transaction
2016-12-19 18:28:25, Info                  CSI    0000188a [SR] Verify complete
2016-12-19 18:28:25, Info                  CSI    0000188b [SR] Verifying 100 components
2016-12-19 18:28:25, Info                  CSI    0000188c [SR] Beginning Verify and Repair transaction
2016-12-19 18:28:35, Info                  CSI    00001908 [SR] Verify complete
2016-12-19 18:28:35, Info                  CSI    00001909 [SR] Verifying 100 components
2016-12-19 18:28:35, Info                  CSI    0000190a [SR] Beginning Verify and Repair transaction
2016-12-19 18:28:48, Info                  CSI    000019a2 [SR] Verify complete
2016-12-19 18:28:48, Info                  CSI    000019a3 [SR] Verifying 100 components
2016-12-19 18:28:48, Info                  CSI    000019a4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:02, Info                  CSI    00001a2c [SR] Verify complete
2016-12-19 18:29:03, Info                  CSI    00001a2d [SR] Verifying 100 components
2016-12-19 18:29:03, Info                  CSI    00001a2e [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:18, Info                  CSI    00001ac2 [SR] Verify complete
2016-12-19 18:29:18, Info                  CSI    00001ac3 [SR] Verifying 100 components
2016-12-19 18:29:18, Info                  CSI    00001ac4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:27, Info                  CSI    00001b2d [SR] Verify complete
2016-12-19 18:29:27, Info                  CSI    00001b2e [SR] Verifying 100 components
2016-12-19 18:29:27, Info                  CSI    00001b2f [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:35, Info                  CSI    00001b9f [SR] Verify complete
2016-12-19 18:29:35, Info                  CSI    00001ba0 [SR] Verifying 100 components
2016-12-19 18:29:35, Info                  CSI    00001ba1 [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:44, Info                  CSI    00001c0d [SR] Verify complete
2016-12-19 18:29:44, Info                  CSI    00001c0e [SR] Verifying 100 components
2016-12-19 18:29:44, Info                  CSI    00001c0f [SR] Beginning Verify and Repair transaction
2016-12-19 18:29:57, Info                  CSI    00001c94 [SR] Verify complete
2016-12-19 18:29:58, Info                  CSI    00001c95 [SR] Verifying 100 components
2016-12-19 18:29:58, Info                  CSI    00001c96 [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:04, Info                  CSI    00001cfb [SR] Verify complete
2016-12-19 18:30:04, Info                  CSI    00001cfc [SR] Verifying 100 components
2016-12-19 18:30:04, Info                  CSI    00001cfd [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:11, Info                  CSI    00001d64 [SR] Verify complete
2016-12-19 18:30:11, Info                  CSI    00001d65 [SR] Verifying 100 components
2016-12-19 18:30:11, Info                  CSI    00001d66 [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:21, Info                  CSI    00001dda [SR] Verify complete
2016-12-19 18:30:21, Info                  CSI    00001ddb [SR] Verifying 100 components
2016-12-19 18:30:21, Info                  CSI    00001ddc [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:33, Info                  CSI    00001e55 [SR] Verify complete
2016-12-19 18:30:33, Info                  CSI    00001e56 [SR] Verifying 100 components
2016-12-19 18:30:33, Info                  CSI    00001e57 [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:46, Info                  CSI    00001ed5 [SR] Verify complete
2016-12-19 18:30:46, Info                  CSI    00001ed6 [SR] Verifying 100 components
2016-12-19 18:30:46, Info                  CSI    00001ed7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:30:56, Info                  CSI    00001f4c [SR] Verify complete
2016-12-19 18:30:56, Info                  CSI    00001f4d [SR] Verifying 100 components
2016-12-19 18:30:56, Info                  CSI    00001f4e [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:04, Info                  CSI    00001fbc [SR] Verify complete
2016-12-19 18:31:05, Info                  CSI    00001fbd [SR] Verifying 100 components
2016-12-19 18:31:05, Info                  CSI    00001fbe [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:16, Info                  CSI    00002040 [SR] Verify complete
2016-12-19 18:31:16, Info                  CSI    00002041 [SR] Verifying 100 components
2016-12-19 18:31:16, Info                  CSI    00002042 [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:23, Info                  CSI    000020d3 [SR] Verify complete
2016-12-19 18:31:24, Info                  CSI    000020d4 [SR] Verifying 100 components
2016-12-19 18:31:24, Info                  CSI    000020d5 [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:36, Info                  CSI    00002150 [SR] Verify complete
2016-12-19 18:31:36, Info                  CSI    00002151 [SR] Verifying 100 components
2016-12-19 18:31:36, Info                  CSI    00002152 [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:50, Info                  CSI    000021cd [SR] Verify complete
2016-12-19 18:31:50, Info                  CSI    000021ce [SR] Verifying 100 components
2016-12-19 18:31:50, Info                  CSI    000021cf [SR] Beginning Verify and Repair transaction
2016-12-19 18:31:56, Info                  CSI    00002236 [SR] Verify complete
2016-12-19 18:31:56, Info                  CSI    00002237 [SR] Verifying 100 components
2016-12-19 18:31:56, Info                  CSI    00002238 [SR] Beginning Verify and Repair transaction
2016-12-19 18:32:06, Info                  CSI    000022a2 [SR] Verify complete
2016-12-19 18:32:06, Info                  CSI    000022a3 [SR] Verifying 100 components
2016-12-19 18:32:06, Info                  CSI    000022a4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:32:20, Info                  CSI    00002311 [SR] Verify complete
2016-12-19 18:32:20, Info                  CSI    00002312 [SR] Verifying 100 components
2016-12-19 18:32:20, Info                  CSI    00002313 [SR] Beginning Verify and Repair transaction
2016-12-19 18:32:41, Info                  CSI    000023a5 [SR] Verify complete
2016-12-19 18:32:41, Info                  CSI    000023a6 [SR] Verifying 100 components
2016-12-19 18:32:41, Info                  CSI    000023a7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:32:51, Info                  CSI    00002415 [SR] Verify complete
2016-12-19 18:32:51, Info                  CSI    00002416 [SR] Verifying 100 components
2016-12-19 18:32:51, Info                  CSI    00002417 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:00, Info                  CSI    00002483 [SR] Verify complete
2016-12-19 18:33:00, Info                  CSI    00002484 [SR] Verifying 100 components
2016-12-19 18:33:00, Info                  CSI    00002485 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:07, Info                  CSI    000024ee [SR] Verify complete
2016-12-19 18:33:07, Info                  CSI    000024ef [SR] Verifying 100 components
2016-12-19 18:33:07, Info                  CSI    000024f0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:17, Info                  CSI    00002593 [SR] Verify complete
2016-12-19 18:33:17, Info                  CSI    00002594 [SR] Verifying 100 components
2016-12-19 18:33:17, Info                  CSI    00002595 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:28, Info                  CSI    00002604 [SR] Verify complete
2016-12-19 18:33:28, Info                  CSI    00002605 [SR] Verifying 100 components
2016-12-19 18:33:28, Info                  CSI    00002606 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:36, Info                  CSI    0000266b [SR] Verify complete
2016-12-19 18:33:36, Info                  CSI    0000266c [SR] Verifying 100 components
2016-12-19 18:33:36, Info                  CSI    0000266d [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:45, Info                  CSI    000026de [SR] Verify complete
2016-12-19 18:33:45, Info                  CSI    000026df [SR] Verifying 100 components
2016-12-19 18:33:45, Info                  CSI    000026e0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:33:55, Info                  CSI    00002754 [SR] Verify complete
2016-12-19 18:33:55, Info                  CSI    00002755 [SR] Verifying 100 components
2016-12-19 18:33:55, Info                  CSI    00002756 [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:03, Info                  CSI    000027cb [SR] Verify complete
2016-12-19 18:34:03, Info                  CSI    000027cc [SR] Verifying 100 components
2016-12-19 18:34:03, Info                  CSI    000027cd [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:13, Info                  CSI    0000283c [SR] Verify complete
2016-12-19 18:34:13, Info                  CSI    0000283d [SR] Verifying 100 components
2016-12-19 18:34:13, Info                  CSI    0000283e [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:25, Info                  CSI    000028c6 [SR] Verify complete
2016-12-19 18:34:25, Info                  CSI    000028c7 [SR] Verifying 100 components
2016-12-19 18:34:25, Info                  CSI    000028c8 [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:37, Info                  CSI    0000296c [SR] Verify complete
2016-12-19 18:34:37, Info                  CSI    0000296d [SR] Verifying 100 components
2016-12-19 18:34:37, Info                  CSI    0000296e [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:46, Info                  CSI    000029de [SR] Verify complete
2016-12-19 18:34:46, Info                  CSI    000029df [SR] Verifying 100 components
2016-12-19 18:34:46, Info                  CSI    000029e0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:34:54, Info                  CSI    00002a45 [SR] Verify complete
2016-12-19 18:34:54, Info                  CSI    00002a46 [SR] Verifying 100 components
2016-12-19 18:34:54, Info                  CSI    00002a47 [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:03, Info                  CSI    00002ab4 [SR] Verify complete
2016-12-19 18:35:04, Info                  CSI    00002ab5 [SR] Verifying 100 components
2016-12-19 18:35:04, Info                  CSI    00002ab6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:12, Info                  CSI    00002b23 [SR] Verify complete
2016-12-19 18:35:13, Info                  CSI    00002b24 [SR] Verifying 100 components
2016-12-19 18:35:13, Info                  CSI    00002b25 [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:23, Info                  CSI    00002ba3 [SR] Verify complete
2016-12-19 18:35:23, Info                  CSI    00002ba4 [SR] Verifying 100 components
2016-12-19 18:35:23, Info                  CSI    00002ba5 [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:31, Info                  CSI    00002c0a [SR] Verify complete
2016-12-19 18:35:31, Info                  CSI    00002c0b [SR] Verifying 100 components
2016-12-19 18:35:31, Info                  CSI    00002c0c [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:39, Info                  CSI    00002c7a [SR] Verify complete
2016-12-19 18:35:39, Info                  CSI    00002c7b [SR] Verifying 100 components
2016-12-19 18:35:39, Info                  CSI    00002c7c [SR] Beginning Verify and Repair transaction
2016-12-19 18:35:50, Info                  CSI    00002cee [SR] Verify complete
2016-12-19 18:35:50, Info                  CSI    00002cef [SR] Verifying 100 components
2016-12-19 18:35:50, Info                  CSI    00002cf0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:01, Info                  CSI    00002d6f [SR] Verify complete
2016-12-19 18:36:01, Info                  CSI    00002d70 [SR] Verifying 100 components
2016-12-19 18:36:01, Info                  CSI    00002d71 [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:12, Info                  CSI    00002dde [SR] Verify complete
2016-12-19 18:36:12, Info                  CSI    00002ddf [SR] Verifying 100 components
2016-12-19 18:36:12, Info                  CSI    00002de0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:22, Info                  CSI    00002e56 [SR] Verify complete
2016-12-19 18:36:23, Info                  CSI    00002e57 [SR] Verifying 100 components
2016-12-19 18:36:23, Info                  CSI    00002e58 [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:36, Info                  CSI    00002ef5 [SR] Verify complete
2016-12-19 18:36:36, Info                  CSI    00002ef6 [SR] Verifying 100 components
2016-12-19 18:36:36, Info                  CSI    00002ef7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:50, Info                  CSI    00002f78 [SR] Verify complete
2016-12-19 18:36:50, Info                  CSI    00002f79 [SR] Verifying 100 components
2016-12-19 18:36:50, Info                  CSI    00002f7a [SR] Beginning Verify and Repair transaction
2016-12-19 18:36:59, Info                  CSI    00002fe0 [SR] Verify complete
2016-12-19 18:36:59, Info                  CSI    00002fe1 [SR] Verifying 100 components
2016-12-19 18:36:59, Info                  CSI    00002fe2 [SR] Beginning Verify and Repair transaction
2016-12-19 18:37:09, Info                  CSI    0000305a [SR] Verify complete
2016-12-19 18:37:09, Info                  CSI    0000305b [SR] Verifying 100 components
2016-12-19 18:37:09, Info                  CSI    0000305c [SR] Beginning Verify and Repair transaction
2016-12-19 18:37:21, Info                  CSI    000030c9 [SR] Verify complete
2016-12-19 18:37:21, Info                  CSI    000030ca [SR] Verifying 100 components
2016-12-19 18:37:21, Info                  CSI    000030cb [SR] Beginning Verify and Repair transaction
2016-12-19 18:37:30, Info                  CSI    00003135 [SR] Verify complete
2016-12-19 18:37:31, Info                  CSI    00003136 [SR] Verifying 100 components
2016-12-19 18:37:31, Info                  CSI    00003137 [SR] Beginning Verify and Repair transaction
2016-12-19 18:37:40, Info                  CSI    000031a2 [SR] Verify complete
2016-12-19 18:37:40, Info                  CSI    000031a3 [SR] Verifying 100 components
2016-12-19 18:37:40, Info                  CSI    000031a4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:37:49, Info                  CSI    0000320e [SR] Verify complete
2016-12-19 18:37:49, Info                  CSI    0000320f [SR] Verifying 100 components
2016-12-19 18:37:49, Info                  CSI    00003210 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:00, Info                  CSI    00003285 [SR] Verify complete
2016-12-19 18:38:00, Info                  CSI    00003286 [SR] Verifying 100 components
2016-12-19 18:38:00, Info                  CSI    00003287 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:10, Info                  CSI    000032ff [SR] Verify complete
2016-12-19 18:38:10, Info                  CSI    00003300 [SR] Verifying 100 components
2016-12-19 18:38:10, Info                  CSI    00003301 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:19, Info                  CSI    00003376 [SR] Verify complete
2016-12-19 18:38:20, Info                  CSI    00003377 [SR] Verifying 100 components
2016-12-19 18:38:20, Info                  CSI    00003378 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:27, Info                  CSI    000033e4 [SR] Verify complete
2016-12-19 18:38:27, Info                  CSI    000033e5 [SR] Verifying 100 components
2016-12-19 18:38:27, Info                  CSI    000033e6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:35, Info                  CSI    00003461 [SR] Verify complete
2016-12-19 18:38:35, Info                  CSI    00003462 [SR] Verifying 100 components
2016-12-19 18:38:35, Info                  CSI    00003463 [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:44, Info                  CSI    000034c8 [SR] Verify complete
2016-12-19 18:38:44, Info                  CSI    000034c9 [SR] Verifying 100 components
2016-12-19 18:38:44, Info                  CSI    000034ca [SR] Beginning Verify and Repair transaction
2016-12-19 18:38:54, Info                  CSI    00003534 [SR] Verify complete
2016-12-19 18:38:54, Info                  CSI    00003535 [SR] Verifying 100 components
2016-12-19 18:38:54, Info                  CSI    00003536 [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:04, Info                  CSI    0000359b [SR] Verify complete
2016-12-19 18:39:04, Info                  CSI    0000359c [SR] Verifying 100 components
2016-12-19 18:39:04, Info                  CSI    0000359d [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:16, Info                  CSI    00003617 [SR] Verify complete
2016-12-19 18:39:16, Info                  CSI    00003618 [SR] Verifying 100 components
2016-12-19 18:39:16, Info                  CSI    00003619 [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:32, Info                  CSI    00003727 [SR] Verify complete
2016-12-19 18:39:32, Info                  CSI    00003728 [SR] Verifying 100 components
2016-12-19 18:39:32, Info                  CSI    00003729 [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:39, Info                  CSI    00003792 [SR] Verify complete
2016-12-19 18:39:39, Info                  CSI    00003793 [SR] Verifying 100 components
2016-12-19 18:39:39, Info                  CSI    00003794 [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:50, Info                  CSI    00003816 [SR] Verify complete
2016-12-19 18:39:51, Info                  CSI    00003817 [SR] Verifying 100 components
2016-12-19 18:39:51, Info                  CSI    00003818 [SR] Beginning Verify and Repair transaction
2016-12-19 18:39:57, Info                  CSI    0000387d [SR] Verify complete
2016-12-19 18:39:58, Info                  CSI    0000387e [SR] Verifying 100 components
2016-12-19 18:39:58, Info                  CSI    0000387f [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:08, Info                  CSI    000038e4 [SR] Verify complete
2016-12-19 18:40:08, Info                  CSI    000038e5 [SR] Verifying 100 components
2016-12-19 18:40:08, Info                  CSI    000038e6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:16, Info                  CSI    0000394d [SR] Verify complete
2016-12-19 18:40:16, Info                  CSI    0000394e [SR] Verifying 100 components
2016-12-19 18:40:16, Info                  CSI    0000394f [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:26, Info                  CSI    000039b4 [SR] Verify complete
2016-12-19 18:40:26, Info                  CSI    000039b5 [SR] Verifying 100 components
2016-12-19 18:40:26, Info                  CSI    000039b6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:34, Info                  CSI    00003a1c [SR] Verify complete
2016-12-19 18:40:34, Info                  CSI    00003a1d [SR] Verifying 100 components
2016-12-19 18:40:34, Info                  CSI    00003a1e [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:40, Info                  CSI    00003a83 [SR] Verify complete
2016-12-19 18:40:40, Info                  CSI    00003a84 [SR] Verifying 100 components
2016-12-19 18:40:40, Info                  CSI    00003a85 [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:47, Info                  CSI    00003aeb [SR] Verify complete
2016-12-19 18:40:47, Info                  CSI    00003aec [SR] Verifying 100 components
2016-12-19 18:40:47, Info                  CSI    00003aed [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:53, Info                  CSI    00003b53 [SR] Verify complete
2016-12-19 18:40:53, Info                  CSI    00003b54 [SR] Verifying 100 components
2016-12-19 18:40:53, Info                  CSI    00003b55 [SR] Beginning Verify and Repair transaction
2016-12-19 18:40:58, Info                  CSI    00003bba [SR] Verify complete
2016-12-19 18:40:58, Info                  CSI    00003bbb [SR] Verifying 100 components
2016-12-19 18:40:58, Info                  CSI    00003bbc [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:05, Info                  CSI    00003c23 [SR] Verify complete
2016-12-19 18:41:05, Info                  CSI    00003c24 [SR] Verifying 100 components
2016-12-19 18:41:05, Info                  CSI    00003c25 [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:12, Info                  CSI    00003cb2 [SR] Verify complete
2016-12-19 18:41:12, Info                  CSI    00003cb3 [SR] Verifying 100 components
2016-12-19 18:41:12, Info                  CSI    00003cb4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:22, Info                  CSI    00003d19 [SR] Verify complete
2016-12-19 18:41:22, Info                  CSI    00003d1a [SR] Verifying 100 components
2016-12-19 18:41:22, Info                  CSI    00003d1b [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:32, Info                  CSI    00003d86 [SR] Verify complete
2016-12-19 18:41:32, Info                  CSI    00003d87 [SR] Verifying 100 components
2016-12-19 18:41:32, Info                  CSI    00003d88 [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:48, Info                  CSI    00003ded [SR] Verify complete
2016-12-19 18:41:48, Info                  CSI    00003dee [SR] Verifying 100 components
2016-12-19 18:41:48, Info                  CSI    00003def [SR] Beginning Verify and Repair transaction
2016-12-19 18:41:57, Info                  CSI    00003e54 [SR] Verify complete
2016-12-19 18:41:58, Info                  CSI    00003e55 [SR] Verifying 100 components
2016-12-19 18:41:58, Info                  CSI    00003e56 [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:07, Info                  CSI    00003ebc [SR] Verify complete
2016-12-19 18:42:07, Info                  CSI    00003ebd [SR] Verifying 100 components
2016-12-19 18:42:07, Info                  CSI    00003ebe [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:14, Info                  CSI    00003f23 [SR] Verify complete
2016-12-19 18:42:14, Info                  CSI    00003f24 [SR] Verifying 100 components
2016-12-19 18:42:14, Info                  CSI    00003f25 [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:28, Info                  CSI    00003f8b [SR] Verify complete
2016-12-19 18:42:28, Info                  CSI    00003f8c [SR] Verifying 100 components
2016-12-19 18:42:28, Info                  CSI    00003f8d [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:38, Info                  CSI    00003ffa [SR] Verify complete
2016-12-19 18:42:38, Info                  CSI    00003ffb [SR] Verifying 100 components
2016-12-19 18:42:38, Info                  CSI    00003ffc [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:49, Info                  CSI    00004064 [SR] Verify complete
2016-12-19 18:42:49, Info                  CSI    00004065 [SR] Verifying 100 components
2016-12-19 18:42:49, Info                  CSI    00004066 [SR] Beginning Verify and Repair transaction
2016-12-19 18:42:55, Info                  CSI    000040cb [SR] Verify complete
2016-12-19 18:42:56, Info                  CSI    000040cc [SR] Verifying 100 components
2016-12-19 18:42:56, Info                  CSI    000040cd [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:03, Info                  CSI    00004139 [SR] Verify complete
2016-12-19 18:43:03, Info                  CSI    0000413a [SR] Verifying 100 components
2016-12-19 18:43:03, Info                  CSI    0000413b [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:13, Info                  CSI    000041b0 [SR] Verify complete
2016-12-19 18:43:13, Info                  CSI    000041b1 [SR] Verifying 100 components
2016-12-19 18:43:13, Info                  CSI    000041b2 [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:21, Info                  CSI    0000421d [SR] Verify complete
2016-12-19 18:43:21, Info                  CSI    0000421e [SR] Verifying 100 components
2016-12-19 18:43:21, Info                  CSI    0000421f [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:30, Info                  CSI    00004284 [SR] Verify complete
2016-12-19 18:43:30, Info                  CSI    00004285 [SR] Verifying 100 components
2016-12-19 18:43:30, Info                  CSI    00004286 [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:38, Info                  CSI    000042eb [SR] Verify complete
2016-12-19 18:43:38, Info                  CSI    000042ec [SR] Verifying 100 components
2016-12-19 18:43:38, Info                  CSI    000042ed [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:47, Info                  CSI    00004352 [SR] Verify complete
2016-12-19 18:43:47, Info                  CSI    00004353 [SR] Verifying 100 components
2016-12-19 18:43:47, Info                  CSI    00004354 [SR] Beginning Verify and Repair transaction
2016-12-19 18:43:56, Info                  CSI    000043ba [SR] Verify complete
2016-12-19 18:43:56, Info                  CSI    000043bb [SR] Verifying 100 components
2016-12-19 18:43:56, Info                  CSI    000043bc [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:08, Info                  CSI    00004431 [SR] Verify complete
2016-12-19 18:44:08, Info                  CSI    00004432 [SR] Verifying 100 components
2016-12-19 18:44:08, Info                  CSI    00004433 [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:17, Info                  CSI    000044a3 [SR] Verify complete
2016-12-19 18:44:17, Info                  CSI    000044a4 [SR] Verifying 100 components
2016-12-19 18:44:17, Info                  CSI    000044a5 [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:26, Info                  CSI    00004517 [SR] Verify complete
2016-12-19 18:44:26, Info                  CSI    00004518 [SR] Verifying 100 components
2016-12-19 18:44:26, Info                  CSI    00004519 [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:35, Info                  CSI    00004591 [SR] Verify complete
2016-12-19 18:44:35, Info                  CSI    00004592 [SR] Verifying 100 components
2016-12-19 18:44:35, Info                  CSI    00004593 [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:46, Info                  CSI    000045fa [SR] Verify complete
2016-12-19 18:44:46, Info                  CSI    000045fb [SR] Verifying 100 components
2016-12-19 18:44:46, Info                  CSI    000045fc [SR] Beginning Verify and Repair transaction
2016-12-19 18:44:56, Info                  CSI    00004677 [SR] Verify complete
2016-12-19 18:44:56, Info                  CSI    00004678 [SR] Verifying 100 components
2016-12-19 18:44:56, Info                  CSI    00004679 [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:08, Info                  CSI    000046e9 [SR] Verify complete
2016-12-19 18:45:08, Info                  CSI    000046ea [SR] Verifying 100 components
2016-12-19 18:45:08, Info                  CSI    000046eb [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:14, Info                  CSI    00004750 [SR] Verify complete
2016-12-19 18:45:14, Info                  CSI    00004751 [SR] Verifying 100 components
2016-12-19 18:45:14, Info                  CSI    00004752 [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:21, Info                  CSI    000047b7 [SR] Verify complete
2016-12-19 18:45:21, Info                  CSI    000047b8 [SR] Verifying 100 components
2016-12-19 18:45:21, Info                  CSI    000047b9 [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:33, Info                  CSI    00004833 [SR] Verify complete
2016-12-19 18:45:33, Info                  CSI    00004834 [SR] Verifying 100 components
2016-12-19 18:45:33, Info                  CSI    00004835 [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:45, Info                  CSI    000048ba [SR] Verify complete
2016-12-19 18:45:45, Info                  CSI    000048bb [SR] Verifying 100 components
2016-12-19 18:45:45, Info                  CSI    000048bc [SR] Beginning Verify and Repair transaction
2016-12-19 18:45:58, Info                  CSI    00004928 [SR] Verify complete
2016-12-19 18:45:58, Info                  CSI    00004929 [SR] Verifying 100 components
2016-12-19 18:45:58, Info                  CSI    0000492a [SR] Beginning Verify and Repair transaction
2016-12-19 18:46:10, Info                  CSI    000049ad [SR] Verify complete
2016-12-19 18:46:10, Info                  CSI    000049ae [SR] Verifying 100 components
2016-12-19 18:46:10, Info                  CSI    000049af [SR] Beginning Verify and Repair transaction
2016-12-19 18:46:21, Info                  CSI    00004a35 [SR] Verify complete
2016-12-19 18:46:21, Info                  CSI    00004a36 [SR] Verifying 100 components
2016-12-19 18:46:21, Info                  CSI    00004a37 [SR] Beginning Verify and Repair transaction
2016-12-19 18:46:31, Info                  CSI    00004aa9 [SR] Verify complete
2016-12-19 18:46:31, Info                  CSI    00004aaa [SR] Verifying 100 components
2016-12-19 18:46:31, Info                  CSI    00004aab [SR] Beginning Verify and Repair transaction
2016-12-19 18:46:40, Info                  CSI    00004b1b [SR] Verify complete
2016-12-19 18:46:40, Info                  CSI    00004b1c [SR] Verifying 100 components
2016-12-19 18:46:40, Info                  CSI    00004b1d [SR] Beginning Verify and Repair transaction
2016-12-19 18:46:51, Info                  CSI    00004b90 [SR] Verify complete
2016-12-19 18:46:51, Info                  CSI    00004b91 [SR] Verifying 100 components
2016-12-19 18:46:51, Info                  CSI    00004b92 [SR] Beginning Verify and Repair transaction
2016-12-19 18:47:02, Info                  CSI    00004bfb [SR] Verify complete
2016-12-19 18:47:02, Info                  CSI    00004bfc [SR] Verifying 100 components
2016-12-19 18:47:02, Info                  CSI    00004bfd [SR] Beginning Verify and Repair transaction
2016-12-19 18:47:13, Info                  CSI    00004c77 [SR] Verify complete
2016-12-19 18:47:13, Info                  CSI    00004c78 [SR] Verifying 100 components
2016-12-19 18:47:13, Info                  CSI    00004c79 [SR] Beginning Verify and Repair transaction
2016-12-19 18:47:25, Info                  CSI    00004cee [SR] Verify complete
2016-12-19 18:47:25, Info                  CSI    00004cef [SR] Verifying 100 components
2016-12-19 18:47:25, Info                  CSI    00004cf0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:47:35, Info                  CSI    00004d6b [SR] Verify complete
2016-12-19 18:47:35, Info                  CSI    00004d6c [SR] Verifying 100 components
2016-12-19 18:47:35, Info                  CSI    00004d6d [SR] Beginning Verify and Repair transaction
2016-12-19 18:47:47, Info                  CSI    00004dd9 [SR] Verify complete
2016-12-19 18:47:47, Info                  CSI    00004dda [SR] Verifying 100 components
2016-12-19 18:47:47, Info                  CSI    00004ddb [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:03, Info                  CSI    00004edf [SR] Verify complete
2016-12-19 18:48:03, Info                  CSI    00004ee0 [SR] Verifying 100 components
2016-12-19 18:48:03, Info                  CSI    00004ee1 [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:14, Info                  CSI    00004f8d [SR] Verify complete
2016-12-19 18:48:14, Info                  CSI    00004f8e [SR] Verifying 100 components
2016-12-19 18:48:14, Info                  CSI    00004f8f [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:24, Info                  CSI    00004ff5 [SR] Verify complete
2016-12-19 18:48:24, Info                  CSI    00004ff6 [SR] Verifying 100 components
2016-12-19 18:48:24, Info                  CSI    00004ff7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:33, Info                  CSI    0000505e [SR] Verify complete
2016-12-19 18:48:33, Info                  CSI    0000505f [SR] Verifying 100 components
2016-12-19 18:48:33, Info                  CSI    00005060 [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:43, Info                  CSI    000050dc [SR] Verify complete
2016-12-19 18:48:43, Info                  CSI    000050dd [SR] Verifying 100 components
2016-12-19 18:48:43, Info                  CSI    000050de [SR] Beginning Verify and Repair transaction
2016-12-19 18:48:53, Info                  CSI    00005169 [SR] Verify complete
2016-12-19 18:48:54, Info                  CSI    0000516a [SR] Verifying 100 components
2016-12-19 18:48:54, Info                  CSI    0000516b [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:03, Info                  CSI    000051d2 [SR] Verify complete
2016-12-19 18:49:03, Info                  CSI    000051d3 [SR] Verifying 100 components
2016-12-19 18:49:03, Info                  CSI    000051d4 [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:13, Info                  CSI    00005242 [SR] Verify complete
2016-12-19 18:49:13, Info                  CSI    00005243 [SR] Verifying 100 components
2016-12-19 18:49:13, Info                  CSI    00005244 [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:22, Info                  CSI    000052b7 [SR] Verify complete
2016-12-19 18:49:22, Info                  CSI    000052b8 [SR] Verifying 100 components
2016-12-19 18:49:22, Info                  CSI    000052b9 [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:33, Info                  CSI    00005343 [SR] Verify complete
2016-12-19 18:49:33, Info                  CSI    00005344 [SR] Verifying 100 components
2016-12-19 18:49:33, Info                  CSI    00005345 [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:46, Info                  CSI    000053bc [SR] Verify complete
2016-12-19 18:49:46, Info                  CSI    000053bd [SR] Verifying 100 components
2016-12-19 18:49:46, Info                  CSI    000053be [SR] Beginning Verify and Repair transaction
2016-12-19 18:49:58, Info                  CSI    00005430 [SR] Verify complete
2016-12-19 18:49:58, Info                  CSI    00005431 [SR] Verifying 100 components
2016-12-19 18:49:58, Info                  CSI    00005432 [SR] Beginning Verify and Repair transaction
2016-12-19 18:50:08, Info                  CSI    0000549f [SR] Verify complete
2016-12-19 18:50:08, Info                  CSI    000054a0 [SR] Verifying 100 components
2016-12-19 18:50:08, Info                  CSI    000054a1 [SR] Beginning Verify and Repair transaction
2016-12-19 18:50:20, Info                  CSI    0000550a [SR] Verify complete
2016-12-19 18:50:20, Info                  CSI    0000550b [SR] Verifying 100 components
2016-12-19 18:50:20, Info                  CSI    0000550c [SR] Beginning Verify and Repair transaction
2016-12-19 18:50:31, Info                  CSI    00005574 [SR] Verify complete
2016-12-19 18:50:31, Info                  CSI    00005575 [SR] Verifying 100 components
2016-12-19 18:50:31, Info                  CSI    00005576 [SR] Beginning Verify and Repair transaction
2016-12-19 18:50:46, Info                  CSI    0000560a [SR] Verify complete
2016-12-19 18:50:46, Info                  CSI    0000560b [SR] Verifying 100 components
2016-12-19 18:50:46, Info                  CSI    0000560c [SR] Beginning Verify and Repair transaction
2016-12-19 18:50:54, Info                  CSI    00005672 [SR] Verify complete
2016-12-19 18:50:54, Info                  CSI    00005673 [SR] Verifying 100 components
2016-12-19 18:50:54, Info                  CSI    00005674 [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:02, Info                  CSI    000056da [SR] Verify complete
2016-12-19 18:51:02, Info                  CSI    000056db [SR] Verifying 100 components
2016-12-19 18:51:02, Info                  CSI    000056dc [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:10, Info                  CSI    00005746 [SR] Verify complete
2016-12-19 18:51:11, Info                  CSI    00005747 [SR] Verifying 100 components
2016-12-19 18:51:11, Info                  CSI    00005748 [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:20, Info                  CSI    000057b1 [SR] Verify complete
2016-12-19 18:51:20, Info                  CSI    000057b2 [SR] Verifying 100 components
2016-12-19 18:51:20, Info                  CSI    000057b3 [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:28, Info                  CSI    00005822 [SR] Verify complete
2016-12-19 18:51:28, Info                  CSI    00005823 [SR] Verifying 100 components
2016-12-19 18:51:28, Info                  CSI    00005824 [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:37, Info                  CSI    0000588a [SR] Verify complete
2016-12-19 18:51:38, Info                  CSI    0000588b [SR] Verifying 100 components
2016-12-19 18:51:38, Info                  CSI    0000588c [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:45, Info                  CSI    000058f4 [SR] Verify complete
2016-12-19 18:51:46, Info                  CSI    000058f5 [SR] Verifying 100 components
2016-12-19 18:51:46, Info                  CSI    000058f6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:51:53, Info                  CSI    0000595d [SR] Verify complete
2016-12-19 18:51:53, Info                  CSI    0000595e [SR] Verifying 100 components
2016-12-19 18:51:53, Info                  CSI    0000595f [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:04, Info                  CSI    000059ce [SR] Verify complete
2016-12-19 18:52:04, Info                  CSI    000059cf [SR] Verifying 100 components
2016-12-19 18:52:04, Info                  CSI    000059d0 [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:12, Info                  CSI    00005a35 [SR] Verify complete
2016-12-19 18:52:12, Info                  CSI    00005a36 [SR] Verifying 100 components
2016-12-19 18:52:12, Info                  CSI    00005a37 [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:24, Info                  CSI    00005a9f [SR] Verify complete
2016-12-19 18:52:24, Info                  CSI    00005aa0 [SR] Verifying 100 components
2016-12-19 18:52:24, Info                  CSI    00005aa1 [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:33, Info                  CSI    00005b06 [SR] Verify complete
2016-12-19 18:52:33, Info                  CSI    00005b07 [SR] Verifying 100 components
2016-12-19 18:52:33, Info                  CSI    00005b08 [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:43, Info                  CSI    00005b6d [SR] Verify complete
2016-12-19 18:52:43, Info                  CSI    00005b6e [SR] Verifying 100 components
2016-12-19 18:52:43, Info                  CSI    00005b6f [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:50, Info                  CSI    00005bd5 [SR] Verify complete
2016-12-19 18:52:50, Info                  CSI    00005bd6 [SR] Verifying 100 components
2016-12-19 18:52:50, Info                  CSI    00005bd7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:52:57, Info                  CSI    00005c3e [SR] Verify complete
2016-12-19 18:52:57, Info                  CSI    00005c3f [SR] Verifying 100 components
2016-12-19 18:52:57, Info                  CSI    00005c40 [SR] Beginning Verify and Repair transaction
2016-12-19 18:53:10, Info                  CSI    00005ca5 [SR] Verify complete
2016-12-19 18:53:10, Info                  CSI    00005ca6 [SR] Verifying 28 components
2016-12-19 18:53:10, Info                  CSI    00005ca7 [SR] Beginning Verify and Repair transaction
2016-12-19 18:53:13, Info                  CSI    00005cc4 [SR] Verify complete
2016-12-19 18:53:13, Info                  CSI    00005cc5 [SR] Repairing 0 components
2016-12-19 18:53:13, Info                  CSI    00005cc6 [SR] Beginning Verify and Repair transaction
2016-12-19 18:53:13, Info                  CSI    00005cc7 [SR] Repair complete




Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/12/2016 7:38:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/12/2016 12:36:13 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 20/12/2016 12:34:33 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 20/12/2016 12:34:08 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 20/12/2016 12:33:59 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 20/12/2016 12:33:21 AM
Type: Error Category: 0
Event: 17 Source: BTHUSB
The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Log: 'System' Date/Time: 20/12/2016 12:33:17 AM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Log: 'System' Date/Time: 20/12/2016 12:31:46 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:14:54 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:14:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:14:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:12:53 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:12:28 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:12:28 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 19/12/2016 11:11:47 PM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Log: 'System' Date/Time: 19/12/2016 11:10:37 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/12/2016 12:34:01 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/12/2016 12:34:00 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\OCURActivate definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PBDADiscovery definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\MediaCenterRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\OneDrive Standalone Update Task definition. Additional Data: Error Value: C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\UpdateRecordPath definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ReindexSearchRoot definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PBDADiscoveryW2 definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\OneDrive Standalone Update Task v2 definition. Additional Data: Error Value: %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate_scheduled definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\DispatchRecoveryTasks definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrScheduleTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ConfigureInternetTimeService definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\InstallPlayReady definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ActivateWindowsSearch definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PeriodicScanRetry definition. Additional Data: Error Value: %windir%\ehome\MCUpdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.






NOTE  ********VEW run for Application Log brings back exact same txt file as "system log" above*****************

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/12/2016 7:38:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/12/2016 12:36:13 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 20/12/2016 12:34:33 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 20/12/2016 12:34:08 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 20/12/2016 12:33:59 AM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 20/12/2016 12:33:21 AM
Type: Error Category: 0
Event: 17 Source: BTHUSB
The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Log: 'System' Date/Time: 20/12/2016 12:33:17 AM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Log: 'System' Date/Time: 20/12/2016 12:31:46 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:14:54 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:14:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:14:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 19/12/2016 11:12:53 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:12:28 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

Log: 'System' Date/Time: 19/12/2016 11:12:28 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 19/12/2016 11:11:47 PM
Type: Error Category: 0
Event: 5 Source: BTHUSB
The Bluetooth driver expected an HCI event with a certain size but did not receive it.

Log: 'System' Date/Time: 19/12/2016 11:10:37 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/12/2016 12:34:01 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/12/2016 12:34:00 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\OCURActivate definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PBDADiscovery definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\MediaCenterRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\OneDrive Standalone Update Task definition. Additional Data: Error Value: C:\Users\CJJones\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:53 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\UpdateRecordPath definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ReindexSearchRoot definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PBDADiscoveryW2 definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\OneDrive Standalone Update Task v2 definition. Additional Data: Error Value: %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate_scheduled definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.

Log: 'System' Date/Time: 20/12/2016 12:33:52 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\DispatchRecoveryTasks definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrScheduleTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ConfigureInternetTimeService definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\InstallPlayReady definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ActivateWindowsSearch definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PeriodicScanRetry definition. Additional Data: Error Value: %windir%\ehome\MCUpdate.exe.

Log: 'System' Date/Time: 20/12/2016 12:33:51 AM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.






Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    79.82    0 K    4 K    0            
avgcsrva.exe    8.47    46,484 K    273,384 K    640    AVG Scanning Core Module - Server Part    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
procexp64.exe    2.86    26,980 K    59,680 K    1560    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
rundll32.exe    2.01    14,376 K    25,760 K    512    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe    1.87    14,808 K    26,584 K    9052    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    1.10    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    0.78    37,812 K    34,012 K    1356    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.64    255,168 K    289,552 K    6488    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
avgrsa.exe    0.62    11,516 K    19,156 K    548    AVG Resident Shield Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
System    0.41    648 K    14,992 K    4            
downloader2.exe    0.35    4,868 K    15,836 K    7400    RealDownloader        (Verified) RealNetworks
vprot.exe    0.30    6,548 K    20,856 K    7456    VProtect Application         (Verified) AVG Technologies CZ
svchost.exe    0.18    78,008 K    91,332 K    1296    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
avgidsagenta.exe    0.12    20,188 K    39,588 K    2996    AVG Identity Protection Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
ShellExperienceHost.exe    0.10    53,524 K    78,440 K    6240    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
NvStreamNetworkService.exe    0.08    6,452 K    17,668 K    6008    NVIDIA Network Stream Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvStreamUserAgent.exe    0.07    22,316 K    31,412 K    5140    NVIDIA Streamer User Agent    NVIDIA Corporation    (Verified) NVIDIA Corporation
SearchIndexer.exe    0.05    27,044 K    29,404 K    3436    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.05    2,180 K    8,000 K    516    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    0.05    51,452 K    105,524 K    3112    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
NvStreamService.exe    0.02    4,484 K    14,236 K    1960    NVIDIA Streamer Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
CCleaner64.exe    0.01    8,392 K    1,448 K    7596    CCleaner    Piriform Ltd    (Verified) Piriform Ltd
avgwdsvca.exe    0.01    16,380 K    38,788 K    2768    AVG Watchdog Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
taskhostw.exe    < 0.01    6,724 K    20,156 K    568    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    5,088 K    10,664 K    1176    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
vmware-authd.exe    < 0.01    11,004 K    21,116 K    3172    VMware Authorization Service    VMware, Inc.    (Verified) VMware
rpdsvc.exe    < 0.01    12,556 K    9,824 K    3180    RealTimes Desktop Service    RealNetworks, Inc.    (Verified) RealNetworks
spoolsv.exe    < 0.01    7,936 K    20,488 K    2472    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe    < 0.01    18,420 K    29,100 K    5296    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
vmware-usbarbitrator64.exe    < 0.01    2,404 K    9,944 K    3308    VMware USB Arbitration Service    VMware, Inc.    (Verified) VMware
vmnat.exe    < 0.01    1,852 K    6,592 K    3640    VMware NAT Service    VMware, Inc.    (Verified) VMware
WmiApSrv.exe    < 0.01    1,732 K    7,936 K    3068    WMI Performance Reverse Adapter    Microsoft Corporation    (Verified) Microsoft Windows
nvvsvc.exe    < 0.01    4,388 K    14,004 K    1088    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    12,168 K    29,680 K    1652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
avgsvca.exe    < 0.01    8,240 K    26,196 K    2848    AVG Service Process    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
TrustedInstaller.exe    < 0.01    2,200 K    7,524 K    8572    Windows Modules Installer    Microsoft Corporation    (Verified) Microsoft Windows
WtuSystemSupport.exe        3,128 K    15,228 K    1784    WtuSyste Application        (Verified) AVG Technologies CZ
WmiPrvSE.exe        14,696 K    32,512 K    5248    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,288 K    8,356 K    404    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        2,304 K    9,716 K    872    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        964 K    5,016 K    332    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
VSSVC.exe        1,960 K    8,344 K    7848    Microsoft® Volume Shadow Copy Service    Microsoft Corporation    (Verified) Microsoft Windows
vmnetdhcp.exe        7,408 K    4,528 K    3316    VMware VMnet DHCP service    VMware, Inc.    (Verified) VMware
ToolbarUpdater.exe        1,752 K    9,140 K    3648    ToolbarU Application     AVG Secure Search    (Verified) AVG Technologies CZ
TiWorker.exe        55,636 K    65,424 K    8556    Windows Modules Installer Worker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        38,448 K    70,768 K    1388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,840 K    26,156 K    1112    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        20,808 K    32,024 K    1544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,012 K    18,852 K    1760    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        18,652 K    30,248 K    1488    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,988 K    10,992 K    1944    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,060 K    9,120 K    9020    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,056 K    29,548 K    3056    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,080 K    25,580 K    2784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,988 K    7,508 K    6596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,568 K    9,808 K    1568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,060 K    22,564 K    3136    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,952 K    7,920 K    7876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,752 K    5,472 K    8928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,008 K    12,876 K    2388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,152 K    10,616 K    4340    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,152 K    11,420 K    2260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,052 K    10,676 K    2776    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,096 K    8,608 K    1940    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SMSvcHost.exe        23,332 K    21,628 K    3956    SMSvcHost.exe    Microsoft Corporation    (Verified) Microsoft Corporation
SMSvcHost.exe        21,216 K    14,280 K    4900    SMSvcHost.exe    Microsoft Corporation    (Verified) Microsoft Corporation
smss.exe        360 K    1,020 K    420    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smartscreen.exe        11,664 K    24,556 K    6880    SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
SkypeHost.exe    Suspended    4,676 K    332 K    8376    Microsoft Skype Preview    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        5,396 K    20,928 K    5888    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        3,496 K    8,972 K    904    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    85,036 K    140,348 K    6472    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
SearchProtocolHost.exe        3,596 K    9,196 K    7868    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
SearchFilterHost.exe        2,232 K    6,744 K    9204    Microsoft Windows Search Filter Host    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        16,816 K    42,948 K    4716    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
realsched.exe        2,204 K    520 K    7376    RealNetworks Scheduler    RealNetworks, Inc.    (Verified) RealNetworks
RealPlayerUpdateSvc.exe        1,648 K    8,168 K    2404            (Verified) RealNetworks
RAVCpl64.exe        4,248 K    13,844 K    6608    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
procexp.exe        3,664 K    11,136 K    560    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
OneDrive.exe        6,560 K    26,712 K    6656    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
nvxdsync.exe        6,112 K    19,868 K    864    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,272 K    9,700 K    1992    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        3,512 K    13,068 K    6704    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvNetworkService.exe        3,768 K    10,820 K    1928    NVIDIA Network Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvBackend.exe        6,900 K    17,360 K    2608    NVIDIA Backend    NVIDIA Corporation    (Verified) NVIDIA Corporation
notepad.exe        3,068 K    14,780 K    8864    Notepad    Microsoft Corporation    (Verified) Microsoft Windows
notepad.exe        3,316 K    14,792 K    9180    Notepad    Microsoft Corporation    (Verified) Microsoft Windows
NitroPDFReaderDriverService3x64.exe        1,276 K    5,404 K    2124    Nitro PDF Spool Service    Nitro PDF Software    (Verified) Nitro PDF Software
mqsvc.exe        4,284 K    12,900 K    2108    Message Queuing Service    Microsoft Corporation    (Verified) Microsoft Windows
Memory Compression        0 K    8 K    3216            
mDNSResponder.exe        1,856 K    6,440 K    2868    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
lsass.exe        5,452 K    14,860 K    1032    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Lightshot.exe        7,200 K    12,728 K    7316    Lightshot    Skillbrains    (Verified) OOO Lightshot
jusched.exe        1,748 K    7,196 K    7548    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America
HD-LogRotatorService.exe        7,520 K    11,340 K    3016    BlueStacks Log Rotator Service    BlueStack Systems, Inc.    (Verified) BlueStack Systems
GfExperienceService.exe        3,832 K    13,424 K    2972    NVIDIA GeForce ExperienceService    NVIDIA Corporation    (Verified) NVIDIA Corporation
fontdrvhost.exe        840 K    3,272 K    7260    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        2,232 K    9,832 K    8836    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        4,584 K    15,668 K    3500    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        1,680 K    4,668 K    956    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe        1,836 K    6,852 K    1448    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
avguix.exe        9,960 K    27,892 K    7332    AVG User Interface    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
avgnsa.exe        9,084 K    19,212 K    4936    AVG Online Shield Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
avgemca.exe        2,544 K    10,172 K    4952    AVG E-mail Scanner    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies CZ
audiodg.exe        10,380 K    15,068 K    2672    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
armsvc.exe        1,464 K    6,336 K    2860    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems





Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       420 N/A                                         
avgrsa.exe                     548 N/A                                         
avgcsrva.exe                   640 N/A                                         
csrss.exe                      956 N/A                                         
wininit.exe                    332 N/A                                         
csrss.exe                      516 N/A                                         
winlogon.exe                   872 N/A                                         
services.exe                   904 N/A                                         
lsass.exe                     1032 KeyIso, SamSs, VaultSvc                     
svchost.exe                   1112 BrokerInfrastructure, DcomLaunch, LSM,      
                                   PlugPlay, Power, SystemEventsBroker         
svchost.exe                   1176 RpcEptMapper, RpcSs                         
svchost.exe                   1296 AudioEndpointBuilder, CscService,           
                                   DeviceAssociationService, hidserv,          
                                   NcbService, PcaSvc, StorSvc, SysMain,       
                                   TrkWks, WdiSystemHost, wudfsvc              
dwm.exe                       1356 N/A                                         
svchost.exe                   1388 Appinfo, Browser, DoSvc, iphlpsvc,          
                                   LanmanServer, lfsvc, ProfSvc, Schedule,     
                                   SENS, ShellHWDetection, Themes,             
                                   UserManager, Winmgmt, WpnService, wuauserv  
svchost.exe                   1488 Dhcp, EventLog, HomeGroupProvider, lmhosts,
                                   TimeBrokerSvc, wscsvc                       
svchost.exe                   1544 BFE, CoreMessagingRegistrar, DPS, MpsSvc,   
                                   NcdAutoSetup                                
svchost.exe                   1652 CDPSvc, EventSystem, fdPHost, FontCache,    
                                   LicenseManager, netprofm, nsi,              
                                   WdiServiceHost, WinHttpAutoProxySvc         
svchost.exe                   1760 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
WtuSystemSupport.exe          1784 WtuSystemSupport                            
nvvsvc.exe                    1992 nvsvc                                       
nvxdsync.exe                   864 N/A                                         
nvvsvc.exe                    1088 N/A                                         
svchost.exe                   1568 Audiosrv                                    
svchost.exe                   2260 Wcmsvc                                      
svchost.exe                   2388 WlanSvc                                     
spoolsv.exe                   2472 Spooler                                     
audiodg.exe                   2672 N/A                                         
avgwdsvca.exe                 2768 avgwd                                       
svchost.exe                   2776 AppHostSvc                                  
svchost.exe                   2784 DiagTrack                                   
avgsvca.exe                   2848 avgsvc                                      
armsvc.exe                    2860 AdobeARMservice                             
mDNSResponder.exe             2868 Bonjour Service                             
GfExperienceService.exe       2972 GfExperienceService                         
avgidsagenta.exe              2996 AVGIDSAgent                                 
HD-LogRotatorService.exe      3016 BstHdLogRotatorSvc                          
svchost.exe                   1944 W3SVC, WAS                                  
mqsvc.exe                     2108 MSMQ                                        
NvNetworkService.exe          1928 NvNetworkService                            
NitroPDFReaderDriverServi     2124 NitroReaderDriverReadSpool3                 
svchost.exe                   1940 stisvc                                      
NvStreamService.exe           1960 NvStreamSvc                                 
RealPlayerUpdateSvc.exe       2404 RealPlayerUpdateSvc                         
svchost.exe                   3136 StateRepository, tiledatamodelsvc           
vmware-authd.exe              3172 VMAuthdService                              
rpdsvc.exe                    3180 RealTimes Desktop Service                   
Memory Compression            3216 N/A                                         
vmware-usbarbitrator64.ex     3308 VMUSBArbService                             
vmnetdhcp.exe                 3316 VMnetDHCP                                   
SearchIndexer.exe             3436 WSearch                                     
dasHost.exe                   3500 N/A                                         
vmnat.exe                     3640 VMware NAT Service                          
ToolbarUpdater.exe            3648 vToolbarUpdater40.3.6                       
SMSvcHost.exe                 3956 NetPipeActivator                            
svchost.exe                   4340 FDResPub, SSDPSRV                           
SMSvcHost.exe                 4900 NetMsmqActivator                            
avgnsa.exe                    4936 N/A                                         
avgemca.exe                   4952 N/A                                         
WmiPrvSE.exe                  5248 N/A                                         
WmiPrvSE.exe                  5296 N/A                                         
NvStreamNetworkService.ex     6008 NvStreamNetworkSvc                          
WmiApSrv.exe                  3068 wmiApSrv                                    
sihost.exe                    5888 N/A                                         
svchost.exe                   3056 CDPUserSvc_ab8c2, OneSyncSvc_ab8c2,         
                                   PimIndexMaintenanceSvc_ab8c2,               
                                   UnistoreSvc_ab8c2, UserDataSvc_ab8c2        
NvStreamUserAgent.exe         5140 N/A                                         
taskhostw.exe                  568 N/A                                         
conhost.exe                   1448 N/A                                         
RuntimeBroker.exe             4716 N/A                                         
explorer.exe                  3112 N/A                                         
ShellExperienceHost.exe       6240 N/A                                         
SearchUI.exe                  6472 N/A                                         
nvtray.exe                    6704 N/A                                         
NvBackend.exe                 2608 N/A                                         
smartscreen.exe               6880 N/A                                         
firefox.exe                   6488 N/A                                         
RAVCpl64.exe                  6608 N/A                                         
OneDrive.exe                  6656 N/A                                         
fontdrvhost.exe               7260 N/A                                         
Lightshot.exe                 7316 N/A                                         
avguix.exe                    7332 N/A                                         
realsched.exe                 7376 N/A                                         
downloader2.exe               7400 N/A                                         
vprot.exe                     7456 N/A                                         
jusched.exe                   7548 N/A                                         
CCleaner64.exe                7596 N/A                                         
SkypeHost.exe                 8376 N/A                                         
notepad.exe                   9180 N/A                                         
TrustedInstaller.exe          8572 TrustedInstaller                            
TiWorker.exe                  8556 N/A                                         
dllhost.exe                   8836 N/A                                         
SearchProtocolHost.exe        7868 N/A                                         
svchost.exe                   6596 p2pimsvc, PNRPsvc                           
svchost.exe                   9020 AppXSvc                                     
procexp.exe                    560 N/A                                         
procexp64.exe                 1560 N/A                                         
WmiPrvSE.exe                   404 N/A                                         
VSSVC.exe                     7848 VSS                                         
svchost.exe                   7876 swprv                                       
SearchFilterHost.exe          8964 N/A                                         
backgroundTaskHost.exe        8648 N/A                                         
dllhost.exe                   2968 N/A                                         
dllhost.exe                   7184 N/A                                         
cmd.exe                       2536 N/A                                         
conhost.exe                   8580 N/A                                         
tasklist.exe                  5788 N/A                                         

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I don't see the speccy log.  Attaching a file is a bit of a pain on this forum.  It's a two step process.  You have to select the file With Choose File and Open then you have to click on Attach File.

 

I don't see any malware so I'm hoping that speccy will show a problem.

 

You do have a lot of errors.  Some of them are standard Win 10 errors.  It leaves a lot of orphaned GWX tasks after you upgrade from 7.  Also Win 10 does not support MediaCenter so a bunch of MediaCenter tasks are failing.  Probably slows down the boot a bit.  We will clean those up with a fixlist but  I want to see the speccy log first.

 

  


  • 0

#5
KaleysLaptop

KaleysLaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Sorry about that.

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

OK.  Speccy shows two problems.

 

One:  It's getting too hot

CPU
Intel Core 2 Duo E8400 @ 3.00GHz 65 °C
Wolfdale 45nm Technology

 

 

This is a desktop so should be easy to shut it down (leave it plugged up) and open it up.  Locate the CPY/heatsink/Fan.  Remove the fan but not the heatsink.  Use a vacuum cleaner hose and a small brush to clean the heatsink and the fan.  Reassemble the fan making sure it still points the same way.
 
You can monitor the temp in real time with speedfan:

 
 
 (Don't get the latest version as filehippo has a bad copy.  Instead get version 4.51.  Avoid the speedfan website's version as it is full of adware.)
 
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it (Win 7 or Vista right click and Run As Admin.).
 
It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  A desktop usually runs around 40 if it's doing nothing but should definitely be below 50.  (As the CPU gets busy it will heat up some but should never go over about 65 or so.  Higher and odd things start to happen.)
 
Two:
 
Your hard drive is showing errors:
0D
Attribute name Soft Read Error Rate
Real value 136,334,382
Current 100
Worst 100
Threshold 0
Raw Value 0008204C2E
Status Good

 

 

 
 
 
Soft Read Error Rate / Off Track Errors (Maxtor) S.M.A.R.T. parameter indicates the number of uncorrectable software read errors.
 
Recommendations
 
This is a critical parameter. Degradation of this parameter may indicate imminent drive failure. Urgent data backup and hardware replacement is recommended.
 

 

 

We can get a second opinion from speedfan:

 

 
click on the S.M.A.R.T. tab.  Click on the down arrow to the right of the Hard Disk box.  Select your hard drive.  Click on Perform and In-depth Online Analysis of this hard disk.  Your browser will open.
 
At the bottom of the new page will be a line:  
 
The link to get back and see a new report about this hard disk in the future is this.
 
Right click on the underlined "this" and select Copy Link Address.  Move to a Reply and Paste (Ctrl + v).
 
The cleaning is something you can do right away so get it clean and that may fix your current problem.
 
Your error logs and Process Explorer show a problem with AVG.  I would download a new version then uninstall the old.  Reboot and install the new.

  • 0

#7
KaleysLaptop

KaleysLaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

http://www.hddstatus...cation=07D28CF6


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Speedfan agrees the drive is weak.  I would clone it as soon as you can.  Lot easier than reinstalling from scratch and that way you won't lose your data and installed programs.

 

Were you able to clean the heatsink?  What does Speedfan show for temps?


  • 0

#9
KaleysLaptop

KaleysLaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Yes, I cleared the CPU heatsink & fan of dust with some compressed air.

Temps for Core 1 & Core 2 showing in the mid to upper 40c now.

 

http://prntscr.com/dmumk1


Edited by KaleysLaptop, 22 December 2016 - 06:37 PM.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Definte improvement on the CPU temps but the GPU still looks a bit hot.  It probably has a separate fan and heatsink.  Did you clean them too?


  • 0

#11
KaleysLaptop

KaleysLaptop

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Sadly it doesn't have a fan. but I'll hit it with some air and make sure the heat sink is clear. This case has the option of placing a fan to blow at the video card though. I'll see about adding one after Xmas.

Hope you have a Merry Christmas Rkinner.

 

P.S. I'm just north of you in Port St. John/Cocoa


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP